Senior Cybersecurity Engineer

New Today

Job Description

Job Description
Benefits:
  • 401(k)
  • 401(k) matching
  • Competitive salary
  • Dental insurance
  • Flexible schedule
  • Health insurance
  • Paid time off
  • Profit sharing
  • Vision insurance

Job Summary
Cybersecurity Engineering Services develop advanced security solutions in line with organizational specifications, regulations, and compliance.

Job Responsibilities:

  • Assist with security strategy updates addressing the evolving risk landscape.
  • Assist with security governance, aligned to NIST CSF, as required to sustain an effective cybersecurity program.
  • Assist with 3rd parties/projects/initiatives security risk assessments and provide solutions recommendations as needed.
  • Assist with security operations management update/improvement as required.
  • Manage information security-related activities of the agency including the analysis, identification, estimation of InfoSec efforts and the development, planning, testing, and documenting of remediation measures.
  • Develops, conducts, and documents executive-level reporting and strategy formulation.
  • Creates and maintains a centralized information security register to manage all InfoSec information and document changes relevant requirements.
  • Collaborates with internal and external stakeholders to maintain an understanding of current risks, new systems, and changes to the environment.
  • Supports development, implementation, and maintenance of strong security risk & compliance processes for new and existing deployments.
  • Participates in vendor due-diligence processes and third-party security risk management efforts; in addition to performing contract reviews as it relates to Information Security.
  • Supports internal and external audit and assessment processes for relevant compliance (PCI DSS, Privacy, etc.).
  • Creates security guidelines, checklists, and other documentation to support projects and initiatives.
  • Develops and presents metrics, reports, and dashboards.
  • Develops documentation for information security controls, acquisitions, and process or system changes.
  • Stays up to date on developing regulatory concerns, evolving IT, and information security trends.
  • Contributes to ensuring that the Equal Employment Opportunity (EEO) policies and programs are carried out.
  • May be required to perform other related job duties.
Knowledge & Experience Requirements

  • Experience working with a transit Universal Fare System (UFS) and the Cubic Payment Application (CPA) as it relates to transportation agency data compliance.
  • Knowledge of cybersecurity technology and compliance in transit systems.
  • Demonstratable strong background in the processes, policies, procedures, systems, practices, and professional standards of cybersecurity.
  • Demonstratable knowledge of industry best practices and relevant legal requirements as they pertain to cybersecurity, compliance, and privacy laws and regulations including TSA/DHS transport directives, DMV rules and regulation and other transportation agency cyber security rules and regulations.
  • Consultant must have delivered similar services (as stated above) during the past 10 years.
  • Experience with modern Security Operations Center (SOC) monitoring, detecting, analyzing, and responding to cyber threats.
  • Experience with conducting Cyber forensics.
  • Experience with major Cyber Incident handling.
  • Experience with preparing and guiding organizations to achieve and sustain compliance with Payment Card Industry Data Security Standard (PCI DSS).
  • Experience with vulnerability scanning, penetration testing, etc. using commercial products.
  • Experience with risk-based prioritization of security vulnerabilities and providing actionable remediation guidance.
  • Experience with cloud based and on-premise Security Information and Event Management (SIEM) tools including administering the tools, reviewing alerts, and providing actionable steps.
  • Experience with Security Orchestration, Automation, and Response (SOAR) platform.
Minimum Requirements:

  • 15+ years experience supporting very large companies with skills performing above listed technical security activities.
  • Two of the certifications below:
    • Certified Information Systems Security Professional (CISSP)
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • GIAC Security Professional (GSEC)
    • Certified Data Privacy Solutions Engineer (CDPSE)
    • Cyber Security Nexus (CSX)

Apply
Location:
Los Angeles
Job Type:
PartTime
Category:
Technology

We found some similar jobs based on your search