Role: Sr. IT Security Engineer
Location: Los Angeles, CA
Start Date: ASAP
Must pass a background/drug screen
The Sr IT Security Engineer is responsible for executing all phases of the security technology lifecycle including technical requirements, architecture, design, and implementation. The Sr IT Security Engineer possesses an in depth understanding of current and emerging threats and technology to drive improvement in all technical areas of security including network, data, application, cloud, IAM, mobile and endpoint. Integral to the success of this role is building partnerships across IT, strong communication skills, and maintaining an internal and external peer network. The Sr IT Security Engineer leverages a strong external peer network to collaborate on security techniques and validate technical solutions and ideas.
- Architect, design, deploy, and manage the implementation of multiple information security technologies including end point, application, database, network, cloud, infrastructure, and identity management solutions.
- Architect, design and deploy technology to support security operations center including log management, SIEM, vulnerability management, patch management, and forensics tools.
- Conduct research to identify threats and attack vectors and develop mitigating solutions to manage the risk.
- Develop and maintain the S-SDLC through collaboration with business sponsors and development teams to ensure systems are architected with security from the beginning.
- Support the execution and coordination of application and infrastructure penetration testing.
- Review and document security related change requests and advise management on approval decisions.
- Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.
- Collaborate with peers across affiliate companies to share incident information, solutions, and best practices
- A minimum education level of: BA/BS Degree (4-year) in Information Technology, CS/Engineering, Economics, Business
- A minimum of 4-6 years of related work experience
- Experience network, infrastructure and web application security.
- Experience in managing and operating vulnerability/patch management processes and tools
- Excellent written and verbal communication skills with the ability to explain technical concepts to a non-technical audience
- In-depth technical knowledge of web development, security engineering, network security, security protocols and cryptography
- Conceptual understanding with deep knowledge in a few security subject areas and broad knowledge over multiple security subject areas and applied experience
- Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework) and best practices
- Experience in coordinating and performing application and infrastructure penetration testing.
- A thorough understanding of tools, policies and standards related to security systems and experience in executing incident response process and procedures
- Demonstrated commitment to continuing education to strengthen skills, broaden expertise and maintain currency with emerging technology.
- Proficient in Microsoft Office (Word, Excel, PowerPoint) and ability to learn applicable business systems.
- Ability to manage multiple projects while maintaining technical currency with emerging security technologies.
- Proven ability to identify vulnerabilities, anticipate threats, and leverage a practical approach to reduce the likelihood or impact of a breach.
- Scripting skills (e.g. Python, PowerShell, shell scripting)
- Experience in risk analysis and risk management process and techniques.
- IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar)
For immediate consideration please submit your resume in Word format, along with daytime contact information. LOCAL CANDIDATES ONLY PLEASE unless you are willing to relocate yourself at your own expense. All submittals will be treated confidentially. Selected candidate may be asked to pass a comprehensive background, credit and/or drug screening. Principals only, no third parties please.
Established in 2000, Atrilogy Solutions Group, Inc. provides organizations of all sizes with high-quality, cost-effective information technology (IT), business process and health care consulting and staffing services. Our industry-leading service model combines experienced project managers with seasoned technical and functional consultants to eliminate client uncertainty and deliver superior value and results.
Clients turn to Atrilogy for expertise in:
- IT staffing and placement (Project Managers, Agile/Scrum Masters, Business Analysts, DBA’s, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists)
- All major ERP & CRM packages (including Oracle, Workday, PeopleSoft, JD Edwards, Lawson, SAP, Dynamics AX, Salesforce, Microsoft CRM, NetSuite)
- Business Intelligence, Data Warehousing, and Big Data Integration
- Creative (Interactive Project Manager/Art Director, Information Architect, UI/UX Designer, Web/Graphic Design)
Atrilogy has been recognized by Inc. magazine as one of the nation’s fastest-growing, privately-held companies. Headquartered in Irvine, California, Atrilogy also has offices in Denver, Phoenix, Atlanta, and Dallas with satellite offices in Boston, Jersey City, Las Vegas, Seattle, and Delhi, India.
Atrilogy Solutions Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.