Sr. Information Security Eng
Location: San Diego
Posted on: November 11, 2019
SENIOR SECURITY ENGINEER
ID ANALYTICS IS A LEADER IN CREDIT AND FRAUD RISK SOLUTIONS WITH
PATENTED ANALYTICS, PROVEN EXPERTISE AND UP-TO-THE-MINUTE INSIGHT
INTO CONSUMER BEHAVIOR. FOUNDED IN 2002, WITH A VISION TO THINK
DIFFERENTLY ABOUT HOW INSTITUTIONS SOLVE THE PROBLEM OF VERIFYING
CONSUMERS IDENTITIES, WE NOW SOLVE A FULL RANGE OF IDENTITY
CHALLENGES, INCLUDING ASSESSING CREDIT RISK AND IMPROVING ONLINE
CUSTOMER EXPERIENCE. OUR TOOLS HELP OUR CLIENTS PROTECT THEMSELVES
AND THEIR CUSTOMERS FROM IDENTITY RISK AND FRAUD. OUR SOLUTIONS ARE
ALL POWERED BY ANALYTICS, BUT IT S OUR ACCESS TO DATA UNSEEN BY
OTHER BUREAUS THAT DIFFERENTIATES OUR SOLUTIONS. ID ANALYTICS IS A
WE ARE LOOKING FOR AN EXPERIENCED INFORMATION SECURITY ENGINEER TO
JOIN OUR TEAM.
The Senior Security Engineer position is part of the Information
Security team at ID Analytics and will be responsible for
configuring, deploying, and maintaining security technologies aimed
at protecting the company s information technology assets and data.
In addition, this role will be responsible for monitoring security
sensors and reviewing logs to identify potential security threats
and vulnerabilities and will ensure that the output from security
tools can be consumed and actioned by the appropriate teams. More
specifically, the team is responsible for identifying, documenting,
and assessing Information Security risks within the environment and
partnering closely with the key stakeholders across the company to
perform required remediation. We are looking for a very self-driven
individual with excellent hands-on technical ability combined with
strong teamwork and communication skills.
* Actively lead proof-of-concepts for new security technologies by
developing and maintaining standards and selection criteria to
identify appropriate security solutions to support strategic
operational needs and security requirements.
* Design, configure, and implement processes to alert of potential
issues that impact operations not working as designed or
* Develop and implement detection use cases to detect potential
security risks and assist with incident response activities, as
* Monitors, evaluates, and maintains complex security systems
according to industry best practices to safeguard internal
information systems and databases.
* Evaluate security controls using continuous compliance tools to
ensure control effectiveness and coordinate relevant security
control remediation efforts.
* Create, maintain, and automate audit evidence/documentation to
demonstrate the operation of security controls.
* Develop, manage, and oversee the structure of a GRC system or
other compliance tool to perform mapping and evidencing of the
common control framework.
* Review software and hardware to ensure security requirements are
met, and provide recommendations on new security software and
* Assess networks and systems to identify, report on, and provide
guidance in remediation gaps by recommending mitigating
* Interface with all levels of business within the organization to
identify, define, document, and implement risk assessment solutions
to improve overall risk posture.
* Partner with stakeholders across the company to align on security
technologies and initiatives.
* Review potential vulnerabilities to determine impact and
collaborate with key stakeholders to perform required remediation
* Provide technical leadership and mentoring to team members.
* BS in Computer Science or a related field. An equivalent
combination of education and experience may be substituted for the
* At least five years of experience in information security or
* At least two years of experience in security related technologies
(i.e. antivirus, IDS/IPS, firewalls, SIEM, FIM, database
monitoring, etc.). Hands-on experience with multiple security tools
and technologies that cover a breadth of security disciplines.
* At least two years of experience in Linux and Windows
administrator and/or network administrator.
* At least two years of experience in one or more scripting
languages (i.e. Perl, Ruby, python, etc.) with the ability to write
* Experience in securing and developing security policies for
cloud-based infrastructure (i.e. Azure, AWS, etc.)
* Technical proficiency in regular expressions.
* Experience in designing and building enterprise monitoring
* Hands-on experience in designing, implementing, and
operationalizing output from various security technologies to make
the information actionable for internal customers.
* Hands-on experience in integration of disparate tools. Technical
proficiency in API calls to enable integration.
* Experience measuring, managing, and reporting on risk.
* Experience with deploying and/or managing enterprise Governance,
Risk, & Compliance (GRC) technologies or other tools that support
compliance activities (e.g. Atlassian Jira, Chef InSpec, Ansible
* Solid understanding of security controls, scoping, and assessing
* Familiarity with generally accepted information security
governance framework (i.e. PCI DSS, ISO 27001, etc).
* Demonstrated ability to troubleshoot issues in a complex
* Strong problem solving skills.
* Excellent communication (both oral and written), organizational,
and customer service skills. Ability to interface with all levels
within the organization, vendors, customers, prospective clients,
* Capable and self-motivated to quickly learn new technologies
(scripting languages, technology frameworks, etc).
* Previous experience working a highly regulated industry that
collects personally identifiable information (PII).
* In-depth knowledge and expertise in one or more security
disciplines: vulnerability management, patch management,
configuration management, threat monitoring, identity and access
management, data loss prevention, database monitoring, file
integrity monitoring, incident response, etc.
* Previous experience in representing security on Change Advisory
Board (CAB) to provide approval for technology changes required for
Symantec is proud to be an equal opportunity employer. We celebrate
diversity and are committed to creating an inclusive and accessible
environment for all employees. All employment decisions are based
on merit, experience, and business needs, without regard to race,
color, national origin, age, religion, sex, pregnancy (including
childbirth or related medical conditions), genetic information,
disability (physical or mental), medical condition, marital status,
sexual orientation, gender identity or gender expression, military
or veteran status, or any other consideration made unlawful by
federal, state, or local law. Symantec strictly prohibits unlawful
discrimination based on such protected characteristics and seeks to
recruit the most talented candidates from diverse cultures and
We also consider for employment qualified individuals with arrest
and conviction records. In addition, Symantec will not discharge or
in any other manner discriminate against employees or applicants
because they have inquired about, discussed, or disclosed their own
pay or the pay of another employee or applicant. Learn more about
EEO is the law. Applicants and employees of Symantec Corporation
are protected under Federal law from discrimination. See the EEO
poster and supplement.
Keywords: Symantec, San Diego , Sr. Information Security Eng, Engineering , San Diego, California
Didn't find what you're looking for? Search again!