Previous Job
Previous
Infrastructure Security Engineer
Ref No.: 18-16079
Location: Palo Alto, CA, California
Summary:
The Security Engineer (Infrastructure) will consult with internal groups and development teams to design secure infrastructure and operations solutions.
This includes assessing risk and ensuring that internal infrastructure and cloud-based implementations are consistent with security standards through architecture review, risk assessment, threat analysis and required compliance obligations. The candidate is expected to be a seasoned security professional and a team player with a strong drive for results and continual improvement.
The engineer will advise teams of best practices for secure deployments, security architecture, and integration with control frameworks. The engineer will also participate in infrastructure security projects to develop specifications for complex network security protection technologies for data and network systems/applications.

Responsibilities:
Ability to understand the risks and security issues associated with infrastructure (such as servers, networks and storage) and able to clearly articulate them to business users and technical personnel.
Ability to build and maintain constructive working relationships with a diverse community of technical and non-technical audiences. Ability to effectively communicate with and influence these audiences as well.
Experience performing information security assessments of new network and infrastructure technology products (e.g. VPN, network storage, Microservices etc).

Deep security experience and knowledge in one or more of the following security domains:
Server security (RedHat Enterprise, Oracle, hardening, anti-malware,
logging) .
Network security (e.g., network device hardening, firewalls, network segregation, VPNs, network monitoring).
Privileged Access (e.g., password vault/manager, least privilege lockdown of systems, roles-based access control).
Experience with directory security technologies (e.g. Active Directory group policy objects, etc.).
Experience with Public Cloud deployments (Azure, GCP) Experience in setting security strategy, architecture and roadmaps to improve security controls in infrastructure and network

Experience:
5+ years providing network and infrastructure security consulting
5+ services
to both business and technology audiences in cloud technology and/or consumer organizations.
7+ years experience in Security and Risk Management .
Advanced knowledge of key information risk management and security related standards including OWASP, ISO 2700x series, PCI-DSS, GLBA, EU Data Security and Privacy Acts, FFIEC guidelines, and NIST standards.
Industry certifications including relevant SANs, CISSP, CRISC, and/or CISA .
Knowledgeable in Cloud Security, Application and Web Application Security and the concepts, techniques, tools, methods and practices used to secure them .
Strong communication skills and ability to influence others .
Excellent planning ability and business acumen .
This email and any files transmitted with it are confidential and or privileged information internal to our organization and intended solely for the use of the individual(s) or entity or entities to whom they are addressed. This message contains confidential information and is intended only for the recipients. If you have received this email in error please notify the sender by replying to this email and then delete this message and any attachments. If you are not the named addressee you may not disseminate, distribute or copy this e-mail. If you are the intended recipient you are notified that unauthorized disclosure, copy, storage, or distribution of this information is strictly prohibited.