CareerBliss

Security Engineer

Walnut Creek, CA
IT Solutions Consulting
Posted 05/08/2024
$71,000.00-$100,000.00 per year

Description:


Role Responsibilities

· This is a hands-on, highly technical position within a fast-paced environment, reporting to the Director of Information Security at our technology center of excellence in Walnut Creek, CA. We are building the Information Security Program, and you will have a great experience building a greenfield environment.

· The role requires three to four days in the office.

· Provide best-in-class enterprise subject-matter expertise across all Cybersecurity controls for on-premises Infrastructure and Azure Cloud.

· Responsible for maintaining operational excellence status on cybersecurity services related to administration, availability, diagrams, documentation, updates, and policy management.

· Investigate and analyze security alerts to determine scope, urgency, impact, and remediation.

· Manage cyber security incidents and conduct triage/forensic analyses and root cause analyses of cyber-attacks.

· Continually improve internal scanning, detection, and reporting of security risks and anomalous activity.

· Provide input for Key Performance Indicators (KPIs) and Metrics reporting.

· Identify opportunities to automate or streamline current processes.

· Participate in tabletop exercises.

Role Requirements

· Bachelor’s degree with advanced security certifications such as CISSP, Certified Cloud Security Professional (CCSP), SANS GIAC, Offensive Security, Azure Certified Security Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100), etc.

· Six years of experience in Information/Cyber Security.

Bonus Skills (one or more)

· Expertise with Azure Cloud Security and the Azure Well-Architected Framework.

· Experience with Rapid7 InsightIDR and Microsoft Sentinel or other SIEM platforms to manage, create, and improve threat detection rules within the SIEM platform.

· Expertise in BeyondTrust PAM, other PAM solutions, and CrowdStrike Identify Exposure.

· Expertise with CrowdStrike or other EDR solutions, and CIS Operating System Hardening.

· Expertise with Palo Alto Networks Prisma or other cloud native tools.

· Expertise in Tenable One Vulnerability Management or other VM Platforms.

· Expertise with On-premises Fortinet Fortigate or other NGFW technologies.

· Expertise with Incident Detection and Response.

· Expertise with Snyk or other application code scanning tools, including SAST/DAST.

· In-depth understanding of networking and network security and common enterprise communication technologies.

· In-depth knowledge of MITRE ATT&CK, CIS and NIST CSF Frameworks.

· In-depth experience with various cybersecurity techniques and principles, such as Security Operations Center and SIEM, forensics, threat hunting, penetration testing, and threat intelligence.

· Designing and orchestrating requirements for CI/CD pipelines in DevSecOps.

· Experience with threat modeling.

· Experience with Microsoft Purview and Data Privacy.

· Experience with drafting security policies, procedures, SOPs.

· Proficiency in secure coding/scripting and automation.
