Cyber Security Engineer / Hybrid in Los Angeles / Permanent

**Awesome Company, Strong Pay, Full Benefits, Paid Time Off, 401k Match - Smooth & Efficient Hiring Process!**

Cyber Security Engineer - Full-Time, Permanent Positions Only

Los Angeles, CA - Hybrid Work Model

HC Solutions Group specializes in the permanent placement of IT Professionals. Our client is seeking a Cyber Security Engineer for a permanent position! Enjoy all of the perks of a permanent position including competitive competition, full health benefits, paid time off, retirement matching and more. Apply today!

We are currently recruiting for a Cyber Security Engineer for a permanent opportunity with an excellent client. This is a full-time, permanent position with excellent benefits. Qualified candidates must have 4+ years of Cyber Security Engineer experience.

GET PLACED BY HC SOLUTIONS GROUP

• Direct Access to Hiring Managers
• Streamlined Hiring Process
• Fast & Efficient
• Recruiter Representation & Advocacy
• 20 Years of Recruitment Experience
• Full-Time, Permanent Positions Only

Compensation for the Cyber Security Engineer

• Competitive Base Salary
• Awesome Company Culture
• Medical/Dental/Vision
• Health and wellness benefits package
• Retirement Plan
• Paid Time Off

Benefits of the Cyber Security Engineer

• Competitive Pay to the Market
• Excellent Work Environment
• Growth and career advancement opportunities
• Permanent Position
• Excellent Medical/Dental/Vision
• Paid Time Off

Position Description

• Manage and administer the Security Information and Event Management (SIEM) system, ensuring it is always operating with current and complete configuration information, is collecting and analyzing security data, and is generating regular reports and security alerts. Take prompt action on alerts so that anomalies and abnormal behavior can be investigated.
• Manage and administer the Vulnerability Management system to ensure the discovery, management, and remediation of vulnerable assets in the enterprise. Communicate vulnerability findings with the owners of assets or applications for remediation and provide guidance on criticality and remediation efforts. Assist with implementation of approved remediation steps on applicable systems.
• Lead and assist with the proper operation, maintenance, and management of Endpoint Protection systems (anti-virus, malware, threat detection, firewalls, etc.).
• Be a thought leader and assist with monitoring and enforcement of system hardening efforts.
• Ensure effective employee security awareness training programs and educational efforts are in place and regularly completed.
• Ensure monitoring processes are in place for system administrators and end-users.
• Ensure a consistent and rigorous user access governance process is followed for the addition, modification or disposition of system access for employees, consultants or third-party providers to the bank’s network, operating systems and databases.
• Manage and ensure adherence to policy for the procedures applied to authenticate users (e.g. passwords, tokens, smart cards, certificates), including evaluation of system capabilities, such as read vs. read/write access, compliance with a role-based-least-privilege standard, regular review and evaluation of system access rights to ensure proper functional segregation of duties are observed, and ensure effective use of encryption during input, transmittal and storage of sensitive data.
• Manage and monitor the use of Computing Assets by employees and other stakeholders, including appropriate use of electronic mail, Internet and information assets. Working with the Network Administrator to monitor and continuously strengthen Network and Communication Security, with particular emphasis on hardware and system software defenses (e.g. Firewall implementation, configuration and monitoring, intrusion detection and incident response, data loss prevention controls) for the detection, reporting and mitigation of unauthorized attempts to access internal systems and resources.
• Monitor and maintain Server and Desktop Computer Security, including policies and procedures on client-server environments.
• Review alert logic and virus reports on a daily basis. Perform daily monitoring for the occurrence of security incidents, as well as follow up to confirm remediation of issues. Where applicable, perform operating system, network and application vulnerability assessments to identify and prioritize security exposures in the environment.
• Responsible for the ongoing monitoring of security controls to protect information systems and assets (e.g. infrastructure, network, applications, hardware).
• Liaise with IT and third-party service providers to gain an understanding and maintain documentation of infrastructure and systems security controls, including; routers and switches, network structure and configurations, web server configuration, application configurations, database location and configurations, firewall configurations, router/switch configurations, monitoring and alerting reporting systems, server hardening/securing, clean desk policies, document destruction programs, among others.
• Prepare reports, special assessments and dashboards to report the effectiveness of the security controls and facilitate Management oversight.
• Assist with the preparation of presentation materials for Management and the Board.
• Interact with internal and external auditors, consultants, regulatory examiners and other stakeholders, as needed.
• Responsible for application risk assessments, planning/scheduling and timely completion of user entitlement reviews for critical systems and applications.
• Comply with all company policies and procedures, applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control.

Knowledge and Skills:

Education/Certifications/Licenses/ Experience

• Undergraduate degree in a relevant technical field.
• Minimum 4 years’ relevant experience with direct responsibility for cyber security.
• Minimum 1 year in a position of leadership.
• Evidence of continuous learning specific to cyber security and evolving risks.
• Knowledge & understanding of a breadth of information technologies and information security topics.
• Demonstrated understanding of networking protocols, firewall functionality, host and network intrusion detection systems, and vulnerability assessments.
• Demonstrated ability in the development of solutions and/or mitigations related to security vulnerabilities.
• Experience in application security, penetration testing and user access monitoring required.
• Financial sector experience is a plus.