Senior Cyber Security Engineer - KORE1 Technologies
Irvine, CA
About the Job
KORE1, a nationwide provider of staffing and recruiting solutions, has an immediate opening for a Senior Cyber Security Engineer.
This Senior Engineer performs technical and operational tasks to design, develop, implement and maintain
security solutions using technologies and processes to uphold the confidentiality, integrity and availability
of company's information assets.
security solutions using technologies and processes to uphold the confidentiality, integrity and availability
of company's information assets.
Job Summary Details:
* Collaborate with key stakeholders including senior leadership to research, develop, and
implement an efficient security architecture to protect all sites, applications, services, and assets
* Lead engineering projects to implement security controls, tools, and solutions and assist in
projects to enhance company's Cyber Security Program; makes recommendations on technology
strategies that monitor, protect against, and alert on anomalies
* Experience assessing system compliance against security frameworks and developing risk
mitigation plans and strategies
* Manage day-to-day workflow to ensure security projects and associated operations are
communicated, managed, and optimized
* Develop and report on KPIs
* Create process automations through scripting and API integrations
* Participate in the change management process
* Participate in incident response operations
* Participate in internal and external
* Collaborate with key stakeholders including senior leadership to research, develop, and
implement an efficient security architecture to protect all sites, applications, services, and assets
* Lead engineering projects to implement security controls, tools, and solutions and assist in
projects to enhance company's Cyber Security Program; makes recommendations on technology
strategies that monitor, protect against, and alert on anomalies
* Experience assessing system compliance against security frameworks and developing risk
mitigation plans and strategies
* Manage day-to-day workflow to ensure security projects and associated operations are
communicated, managed, and optimized
* Develop and report on KPIs
* Create process automations through scripting and API integrations
* Participate in the change management process
* Participate in incident response operations
* Participate in internal and external
Distinguishing characteristics for Cyber Security focus:
* Design, development, and operations of vulnerability discovery, threat detection, and
remediation management in a hybrid environment
* Expertise with system and application vulnerability scanners, offensive security tools, and
SIEM is required
* Works regularly with system owners to present vulnerability findings, provide expert insight
on findings, and drive remediation efforts through closure
* firewalls, remote access, NAC, and proxy in a hybrid environment
* Collaborate regularly with Infrastructure and Application teams to implement effective
security controls in cross-functional areas
* Design, development, and operations of vulnerability discovery, threat detection, and
remediation management in a hybrid environment
* Expertise with system and application vulnerability scanners, offensive security tools, and
SIEM is required
* Works regularly with system owners to present vulnerability findings, provide expert insight
on findings, and drive remediation efforts through closure
* firewalls, remote access, NAC, and proxy in a hybrid environment
* Collaborate regularly with Infrastructure and Application teams to implement effective
security controls in cross-functional areas
Skills required:
Experience configuring and managing the following:
* Vulnerability management platforms such as Rapid7 InsightVM
* Vulnerability management platforms such as Rapid7 InsightVM
Cloud security posture management tools such as Rapid7 Insight CloudSec, MS Defender
for Cloud
* SAST/SCA/DAST/IAS tools such as Insight AppSec, Burp Suite Pro, SonarCloud
for Cloud
* SAST/SCA/DAST/IAS tools such as Insight AppSec, Burp Suite Pro, SonarCloud
Advanced knowledge of system and application security threats and vulnerabilities e.g., buffer
overflow, cross-site scripting, SQL injection, covert channels, MITM replay attacks
* Experience with offensive security tools and techniques, red team, purple team
* Experience with benchmarking and hardening systems and assets using CIS, STIG, etc.
* Experience maturing vulnerability management programs and procedures
overflow, cross-site scripting, SQL injection, covert channels, MITM replay attacks
* Experience with offensive security tools and techniques, red team, purple team
* Experience with benchmarking and hardening systems and assets using CIS, STIG, etc.
* Experience maturing vulnerability management programs and procedures
* NAC and remote access solutions such as Global Protect,
Rules and threat protections on firewalls such as Palo Alto
Multiple cybersecurity related certifications from vendors such as: ISC2, SANS, CompTIA, EC
* Incident detection, incident response, and forensics
* Understanding of SOAR technology and solutions such as XSOAR, Swimlane, etc
* Incident detection, incident response, and forensics
* Understanding of SOAR technology and solutions such as XSOAR, Swimlane, etc
* Experience with the OWASP Top 10
* CISSP, CEH, CySA+, CSA, GPEN, OSCP, SSCP
or similar certifications preferred
or similar certifications preferred
ABOUT KORE1
Specializing in professional and technical recruiting, KORE1 is committed to supporting top IT, Engineering, Creative, Scientific, Accounting and Finance professionals in their career paths. We build deep relationships with leading companies, connecting them to exceptional talent every day. With extensive industry expertise and unmatched opportunities, our goal is to provide a unique experience for our contractors and consultants as they prepare for their next role. We are passionate about matching the right people with the right companies.
Specializing in professional and technical recruiting, KORE1 is committed to supporting top IT, Engineering, Creative, Scientific, Accounting and Finance professionals in their career paths. We build deep relationships with leading companies, connecting them to exceptional talent every day. With extensive industry expertise and unmatched opportunities, our goal is to provide a unique experience for our contractors and consultants as they prepare for their next role. We are passionate about matching the right people with the right companies.
Kore1 provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Kore1 complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Kore1 expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Kore1's employees to perform their job duties may result in discipline up to and including discharge.
Source : KORE1 Technologies