Previous Job
Information Security Engineer
Ref No.: 17-03492
Location: El Segundo, California
Required Skills
Here is what you'll do:
  • Manage and monitor regular activities, logs and events from various security solutions including, but not limited to: Anti-Virus, IPS/IDS, SIEM and DLP
  • Monitor threat landscape for emerging threats; communicate threat information to business and security partners.
  • Research, design, engineer, implement, and maintain information security and directory technology systems (software & hardware).
  • Conduct security reviews against new processes, technology, and applications.
  • Safeguard sensitive information by working with business units and vendors/third parties to determine and enforce appropriate security controls and access levels.
  • Coordinate and execute Information Security projects and assist in project planning roles as required.
  • Identify regulatory and legal requirements that may affect data and application security policy, standards, and procedures. Monitor changes in the security industry including new vulnerabilities, viruses, intrusions, fraud scams, and best practices and tools available for system/network protection.
  • Contribute in the development of policies and documentation to support the Information Security program (run books, procedure documentation, etc.)
  • Create and coordinate status reports, metrics and dashboard for key security projects and from various security tools.
  • Review vendor and third party SSAE-16 reports to ensure appropriate security controls are in place to protect the company and its data.
  • Work with vendors and third parties to understand their processes, technology and/or applications to appropriate security controls are in place to protect the company and its data.
  • Train users and promote security awareness to ensure system security.
  • Assist in internal and external audit requests.

Required Experience
Here is what you'll bring to the table:
  • Proficiency and hands-on experience managing and implementing various security tools such as Endpoint protection, anti-virus, IPS/IDS, DLP, Web filtering, SIEM, security auditing tools, vulnerability scanners, encryption, and Network Access Controls.
  • Knowledge of regulations and policies pertaining to information security and the financial industry.
  • Detail oriented and strong analytical skills to analyze and solve problems.
  • Excellent communication skills both written and orally.
  • Must be organized and be able to communicate effectively with a wide variety of users in different locations.
  • Ability to interact with staff, members and others encountered in the course of work.
  • Ability to learn and apply new information or skills.
  • Ability to observe and interpret people and situations
  • Ability to perform highly detailed work on multiple, concurrent tasks.
You'll do great if you have:
  • Bachelors Degree in Computer Science, Information Security, Information Assurance or related technology field.Minimum of 7 years of related and relevant experience in Information Security, IT governance, IT Audit or Risk Management role.
  • Minimum of one relevant security certifications, such as CISSP, CISM, CRISC, GIAC or CISA required.
  • Knowledge of SSAE-16 reports and vendor management control requirements.
  • Knowledge of PCI requirements.
  • Knowledge of Information Security frameworks and financial services regulatory and legal requirements (FFIEC, NCUA, GLBA, SB1386, NIST, SANS, etc)
  • Experience conducting security reviews against applications, technology and processes.
  • Experience with documenting security controls and creating data flow diagrams (Microsoft Visio).
  • Knowledge of the following a plus: VMWare, access control, encryption methods, application security, security architecture and models, telecommunications and network security, wireless security, and data destruction.
  • Previous banking, credit union, or mortgage industry knowledge a plus.
Experience as outlined may be substituted for education on a year-for-year basis.