What are the responsibilities and job description for the Information Security Engineer, Consultant position at Blue Shield Of California?
Job Description
JOB DESCRIPTION
Your Role
The Information Security team partners with IT and business teams to provide support and guidance to build products with sustained security and compliance through industry best practices. The Security Engineer, Consultant will report to the Senior Manager of Security Engineering. In this role you will be designing, implementing, and maintaining security technologies using Agile methodologies. You will be responsible for system enhancements, process improvement, and creative solutioning to solve complex problems and improve the effectiveness of our cyber security technologies.
Your Work
In this role, you will:
QUALIFICATIONS
Your Knowledge and Experience
Your Role
The Information Security team partners with IT and business teams to provide support and guidance to build products with sustained security and compliance through industry best practices. The Security Engineer, Consultant will report to the Senior Manager of Security Engineering. In this role you will be designing, implementing, and maintaining security technologies using Agile methodologies. You will be responsible for system enhancements, process improvement, and creative solutioning to solve complex problems and improve the effectiveness of our cyber security technologies.
Your Work
In this role, you will:
- Be responsible for the design, deployment, and ongoing maintenance of Information Security & Risk Management platforms and controls including perimeter, cloud, data, network, automation/orchestration, and endpoint security.
- Identify areas for automation and implement security tool integration.
- Design and develop automation capabilities to reduce or eliminate manual tasks related to both application infrastructure delivery and the operations of the resulting solution.
- Develop and maintain written procedures, engineering drawings and other technical documentation for accuracy of operational capabilities and knowledge across the team.
- Be responsible for entire projects / programs or processes as industry knowledgeable lead within IT Security Engineering.
- Work with cross-functional teams to influence priority of security features and controls, with minimal authority or supervision.
- Design and advocate the adoption of new security technologies and solutions to support emerging enterprise business and customer needs.
- Troubleshoot issues across the entire stack - hardware, software, applications, network, and cloud.
- Engage with the business to provide advanced subject matter expertise and consultancy for IT Security controls.
- Provide support, advice, and advocacy to Security teams on technical solutions; resolving issues and finding options to meet new business requirements.
- Contribute to the achievement of strategic and operational goals established by Information Security & Risk Management leadership.
- Establish metrics and implement reporting to track coverage and effectiveness of Security tools.
- Provide security guidance, coaching and training to other employees across the company across a broad area of expertise.
- Other duties as assigned.
QUALIFICATIONS
Your Knowledge and Experience
- Requires a bachelor's degree or equivalent experience
- Requires at least 5 years of prior relevant experience
- Requires working knowledge of Microsoft Windows, Red Hat Linux (RHEL)
- Requires working knowledge of Azure, desired familiarity with Google Cloud Platform
- Requires working knowledge of TCP/IP, HTTP, SSL, DNS, LDAP, Active Directory and one or more of: XML, IIS, Web Services/SOAP/REST, authentication protocols, SSH, SFTP
- Requires familiarity with CI/CD tools such as Jenkins, BitBucket, Git
- Requires orchestration tools such as ServiceNow
- Requires scripting language such as Python, Shell
- Requires configuration management tools such as Ansible, SCCM
- Desired familiarity with Kubernetes and OpenShift
- Desired 1 years of experience in implementing Cloud based DevOps practices and Infrastructure as Code
- Desired 1 years of experience in rolling out container-based solutions (Docker, Kubernetes)
- CI/CD tools, i.e., Bitbucket/Git, Jenkins, etc.
- Cloud platforms, i.e., Azure, Google Cloud Platform, VMWare, OpenShift, etc.
- Scripting languages, i.e., Python, Shell, etc.
- Configuration Management tools, i.e., Ansible, SCCM, etc.
- Orchestration tools, i.e., ServiceNow, etc.
- Infrastructure and server theories, principles, architectures, and concepts
- IaaS solutions, design, implementation, and integrations
Director of Information Security
River City Bank -
Sacramento, CA
Information Security Officer
Gainwell Technologies -
West Sacramento, CA
Information Security Analyst
INTEL -
Folsom, CA
