Description:

Role Responsibilities

· This is a hands-on, highly technical position within a fast-paced environment, reporting to the Director of Information Security at our technology center of excellence in Walnut Creek, CA. We are building the Information Security Program, and you will have a great experience building a greenfield environment.

· The role requires three to four days in the office.

· Provide best-in-class enterprise subject-matter expertise across all Cybersecurity controls for on-premises Infrastructure and Azure Cloud.

· Responsible for maintaining operational excellence status on cybersecurity services related to administration, availability, diagrams, documentation, updates, and policy management.

· Investigate and analyze security alerts to determine scope, urgency, impact, and remediation.

· Manage cyber security incidents and conduct triage/forensic analyses and root cause analyses of cyber-attacks.

· Continually improve internal scanning, detection, and reporting of security risks and anomalous activity.

· Provide input for Key Performance Indicators (KPIs) and Metrics reporting.

· Identify opportunities to automate or streamline current processes.

· Participate in tabletop exercises.

Role Requirements

· Bachelor’s degree with advanced security certifications such as CISSP, Certified Cloud Security Professional (CCSP), SANS GIAC, Offensive Security, Azure Certified Security Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100), Etc.

· Six years of experience in Information/Cyber Security.

Bonus Skills (one or more)

· Expertise with Azure Cloud Security and the Azure Well-Architected Framework.

· Experience with Rapid7 Insight IDR and Microsoft Sentinel other SIEM platforms to manage, create, and improve threat detection rules within the SIEM platform.

· Expertise in Beyond Trust PAM , other PAM solutions, and CrowdStrike Identify Exposure.

· Expertise with CrowdStrike or other EDR solutions, and CIS Operating System Hardening

· Expertise with Palo Alto Networks Prisma or other cloud native tools.

· Expertise in Tenable One Vulnerability Management or other VM Platforms.

· Expertise with On-premises Fortinet Fortigate or other NGFW technologies.

· Expertise with Incident Detection and Response.

· Expertise with Synk or other Application code scanning tools. Including, SAST/DAST.

· In-depth understanding of networking and network security and common enterprise communication technologies.

· In-depth knowledge of MITRE ATT&CK, CIS and NIST CSF Frameworks.

· In-depth experience with various cybersecurity techniques and principles, such as Security Operations Center and SIEM, forensics, threat hunting, penetration testing, and threat intelligence.

· Designing and orchestrating requirements for CI/CD pipelines in DEVSECOPS.

· Experience with threat modeling.

· Experience with Microsoft Purview and Data Privacy.

· Experience with drafting security policies, procedures, SOPs.

· Proficiency in secure coding/scripting and automation.