Senior Security Engineer
Company: Clear Capital
Location: Roseville
Posted on: January 13, 2021
|
|
Job Description:
This key position will play a critical role in safeguarding our
organization's technology infrastructure. You will be responsible
for assessing risk and recommending appropriate security measures
and evaluating the effectiveness of their implementation in
protecting the confidentiality, integrity, and availability of the
information systems and the data entrusted to our safekeeping. You
will stay abreast of company business strategies, information
technology advances in the industry, and the risk profile of
assigned product areas to ensure relevancy of all countermeasure
approaches.As a product security engineer, you will review new and
existing applications for vulnerabilities and opportunities for
enhancements in their security posture. Interact with application
owners to increase security awareness and the potential risks
presented by application vulnerabilities, and establish the
appropriate mitigating actions to manage risk to an acceptable
level. Review infrastructure components, their configurations and
technical controls, working with system owners to identify security
gaps, establishing the appropriate mitigation steps as necessary
with timelines for remediation. Maintain a complete understanding
of the implementation of security controls, the security
architecture, and resulting security posture of assigned product
lines, and support the product owner as the product security expert
during customer engagements and interactions.You will be the leader
of an information security specialty area for your peers (Cloud,
Web Application, Offensive, Defensive, etc), and provide mentoring
and oversight in your area of concentration as necessary. You will
be responsible for mentoring junior members of the team and other
members of the Tech organization without a security background. You
will make recommendations on technical solutions and the adoption
of tools/systems that will increase the security posture of your
area of concentration in relation to the risk exposure
level.Primary Duties and Responsibilities* Architect, design, and
monitor information system security controls and countermeasures
relevant to the risks associated with the application of technology
in support of our customers and information infrastructure*
Analyzes and recommends security controls for the entire lifecycle
of information systems, and assess controls for effectiveness*
Analyzes and recommends security controls and procedures in
business processes related to use of information systems and
assets, and monitors for effectiveness* Monitors information
systems for security incidents and vulnerabilities; develops
monitoring and visibility capabilities; reports on incidents,
vulnerabilities, and trends* Responds to information system
security incidents, including investigation of, countermeasures to,
and recovery from computer-based attacks, unauthorized access, and
policy breaches; interacts and coordinates with third-party
incident responders, including law enforcement* Assess
authentication and access controls of user and system accounts,
security/access roles, and access permissions to information
assets* Analyzes trends and changes in threat and compliance
environment with respect to organizational risk; advises
organization management and develops and executes plans for
compliance and mitigation of risk; performs risk and compliance
self-assessments, and engages and coordinates third-party risk and
compliance assessments* Analyzes and develops information security
governance, including organizational policies, procedures,
standards, baselines and guidelines with respect to information
security and use and operation of information systems* Develops and
administers, or provides advice, evaluation, and oversight for,
information security training and awareness programs* Integrate
security into the software development lifecycle, to include
architecture security assessments, system security documentation,
vulnerability assessments, and recommendations for improvements in
security posture* Play an active role in the design and execution
of infrastructure initiatives to ensure an evolving adherence to
industry best practices for information security* Lead the
execution of the security assessment of specific technical areas of
a project, supervising other team members, and
coaching/teaching/mentoring where necessary* Assess audit
findings/gaps including control weaknesses with an appropriate
degree of professional skepticism, seeking to fully understand
risks to Clear Capital. Assist technology partners with the
development of remediation plans to mitigate weaknesses, providing
thought leadership on the appropriateness of the plan* Demonstrate
commitment to client's and the CTO's strategic vision, be a
self-starter, and promote project ownership and responsibility for
actionsRequired Job Related Skills and Experience* Bachelor's
Degree, ideally in a technology-related field, or equivalent work
experience* Deep experience in one of the following security focus
areas: web application security, system security hardening, AWS
Cloud Security and compliance as code, offensive security,
defensive security* Certified Information Security Systems
Professional (CISSP), Global Information Assurance Certification
(GIAC) Security Essentials (GSEC), Offensive Security Certified
Professional (OSCP), or equivalent information security
certification* Experience in performing vulnerability assessments
using a variety of tools and techniques and prioritizing
remediation efforts based on risk and availability of resources*
Demonstrable knowledge of information security control frameworks,
i.e. National Institute of Standards and Technology (NIST) Risk
Management Framework (RMF), International Organization of
Standardization (ISO)/International Electrotechnical Commission
(IEC) 27001 Information Security Management* Demonstrable knowledge
of information security best practices* High attention to detail
and excellent analytical skills* Excellent oral and written
communication skills; ability to interact with internal and
external stakeholders at all levels of the organization* Customer
centric (internal and external), motivated, focused personality*
Self Accountable and self motivated* Sound independent judgement*
Ability to set priorities and adapt to changes in a quick,
professional manner* Ability to use discretion when handling
confidential information* Ability to "manage-up", often working
closely with the executive team to complete projects and/or host
customersAbout UsClear Capital is the premier provider of real
estate valuation, analytics, and technology solutions. Powered by
its more than 45 years worth of information on nearly every U.S.
metro, neighborhood, and property, Clear Capital's solutions are
trusted by community credit unions and billion-dollar financial
institutions alike. Clear Capital is headquartered in Reno-Tahoe
with a team of more than 600 nationwide, dedicated to going
wherever it leads, and doing whatever it takes.Clear Capital is an
equal opportunity employer.To all recruitment agencies: Clear
Capital does not accept agency resumes. Please do not forward
resumes to our jobs alias, Clear Capital employees, or any other
company location. Clear Capital is not responsible for any fees
related to unsolicited resumes.INDT
Keywords: Clear Capital, Roseville , Senior Security Engineer, Engineering , Roseville, California
Click
here to apply!
|
Didn't find what you're looking for? Search again!
Other Engineering JobsMac Tools Seeking Mechanics - Technicians - Training Provided Description: Build a Great Career and a Quality Life with Mac Tools. Feel the freedom and independence of working on your own, in a stress free environment - with no one to answer to, except yourself Join the family (more...) Company: Mac Tools Location: Concord Posted on: 01/20/2021 Frontend Engineer Description: ABOUT THE COMPANY:Our client is the number one software company in digital marketing efforts who just reported a record revenue in the 3rd--quarter 2020 Job Title: Web Applications Engineer 3Location: (more...) Company: Ursus, Inc. - Talent, Services & Solutions Location: Fremont Posted on: 01/20/2021 Test Engineer (Hardware/ Robotics) Description: Job Description - Test Engineer Hardware/ Robotics CREQ66781 Job Description Test Engineer Hardware/ Robotics - CREQ66781 Description Advanced level Responsibilities include: Company: Virtusa Location: Fremont Posted on: 01/20/2021 Senior DevOps Engineer - AWS Certified Description: HHS Technology Group is a valued and trusted systems integration partner for several departments within a number of State Governments. The intense growth and tremendous financial forecast we are experiencing (more...) Company: HHS Technology Group Location: Sacramento Posted on: 01/20/2021 AutoCAD Project Engineer Description: AutoCAD Project EngineerDirect Hire OpportunityLong term wood manufacturing company is Company: Availability Professional Staffing Location: Modesto Posted on: 01/20/2021 Metrology and Yield Improvement Engineer Description: JOB DESCRIPTIONTITLE: METROLOGY and YIELD IMPROVEMENT ENGINEERFLSA STATUS: EXEMPTREPORTS TO: SR. MANAGER, PROCESS INTEGRATIONSUMMARY:Under the direction of the Sr. Manager of Process Integration, the (more...) Company: Headway Technologies Location: Sacramento Posted on: 01/20/2021 Photolithography Process Development Engineer Description: JOB DESCRIPTIONTITLE: PHOTOLITHOGRAPHY PROCESS DEVELOPMENT ENGINEERFLSA STATUS: EXEMPTREPORTS TO: SR. MANAGER, PHOTOLITHOGRAPY DEVELOPMENT ENGINEERINGSUMMARY:Under the direction of the Sr. Manager of (more...) Company: Headway Technologies Location: Sacramento Posted on: 01/20/2021 XPO Logistics: Technician / $4, 000 In Bonuses Description: Job DescriptionEligible participants who are hired while the program is in effect will receive a 1,000sign-on bonus, subject to repayment if the employee voluntarily terminates their employment with (more...) Company: XPO Logistics Location: Sacramento Posted on: 01/20/2021 Project Engineer Description: Who we areMarketOne Builders is a Sacramento-based commercial construction company. In business for over 20 years, MarketOne has delivered on some of the most demanding projects in Northern California, (more...) Company: MarketOne Builders, Inc. Location: Sacramento Posted on: 01/20/2021 Frontend Engineer Description: Responsibilities Work on whole projects from design to implementation Have a collaborative Company: Cypress HCM Location: San Mateo Posted on: 01/20/2021 |