Information Security Engineer

Title: Information Security Engineer
Location: Santa Clara, CA - Onsite

Duration: Long term

Mandatory Areas
Must Have Skills
Skill 1 Any recognized security certifications, e.g., CISSP, CISA, CISM
Skill 2 - Monitor internal and external threat landscape to update strategy and intellectual protection program roadmap
Skill 3 Provide periodic reports to management team and key stakeholders

Good To have Skills
Skill 1
Mandatory if Applicable
Domain Experience IT Security

Key Responsibilities
Partner with various stake holder groups, including Product/Engineering, Legal, HR, and IT to promote and build a culture of security and implement controls accordingly
Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application, insider and cyber risks
Monitor internal and external threat landscape to update strategy and intellectual protection program roadmap
Work with a global team to help implement and monitor security controls to proactively identify insider risk issues and application security issues
Partner with software development teams across Applied to incorporate and implement secure SDLC concepts such as training, security requirements, threat modeling, code/design reviews, and security testing
Partner with software development teams to implement processes and tools to enable code analysis, vulnerability assessment, open source license compliance
Review and update policies and provide training as needed to internal & external audience
Provide periodic reports to management team and key stakeholders

Qualifications
Bachelor's degree in Information Technology or related field
3-4 years of management experience in information security or related field and overall, 7-10 years of information security experience
Prior experience in partnering with cross-functional teams to deliver impactful security initiatives
Prior experience working on application security, product security, cyber security or managing insider risk initiatives preferred
Prior experience with threat modeling, security design reviews, and security architectural concepts
Any recognized security certifications, e.g., CISSP, CISA, CISM etc.
Working experience in a global company is preferred
Excellent analytical and critical thinking skills
Ability to manage multiple projects with team members from various business units/functions and countries
Ability to work both independently and work within a team to analyze complex business problems and recommend solutions
Ability to travel periodically
Expertise across common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, NIST, including 800-53 and Cybersecurity Framework is preferred
Strong interpersonal, writing, and communication skills; ability to clearly articulate and visually present complex advice to managers at all levels

Thanks,

Rajinikanth Lakka

Sr. Lead Technical Recruiter

Email: Rajinikanth.l@stiorg.com