Sr. Information Security Engineer
Walnut Creek, CA, US
Full Time Senior-level / Expert USD 170K - 190K
ITS Logistics
ITS Logistics is a premier 3PL with dedicated fleet and asset-lite transportation services plus omnichannel distribution and fulfillment.
About ITS Logistics
Are you ready to unleash your potential and be a part of one of the fastest-growing, exciting logistics companies in the US? ITS Logistics is a premier Third-Party Logistics company that provides creative supply chain solutions. With the highest level of service, unmatched industry experience and work ethic, and a laser focus on innovation and technology–our purpose is to improve the quality of life by delivering excellence in everything we do.
At ITS, we invest in your personal and professional growth, providing the tools, resources, and support you need to unleash your full potential, collaborate with like-minded teammates, and seize limitless opportunities. By joining our all-star team, you will be part of an organization that values your unique skills, encourages your drive for excellence, and recognizes your unwavering commitment to achieving our shared goals.
We empower our team members to become champions in their respective fields by nurturing a culture of collaboration, competition, and unyielding resilience. We believe that together, we can conquer any challenge and achieve remarkable victories.
Want to learn more about ITS Logistics? Check out our website! www.its4logistics.com
About Our IT Team
At ITS, we see information technology as a core enabler in delivering complex third-party logistics services at scale. ITS continues to invest in transforming its applications and infrastructure to support business growth and set us apart in the marketplace. An increasing percentage of ITS IT spending is now allocated to innovation and transformation initiatives with the goal of rapidly leveraging the following significant technology shifts to maximize business gain:
- Leverage the public cloud to deliver an elastic infrastructure for increased business agility, scalability, and resiliency.
- Use of the latest data analytics platform for informed decision-making, driving business outcomes, and uncovering new opportunities with data-driven insights.
- AI and automation to improve efficiency and speed up business processes and results.
- Digital apps to reinvent the workplace to boost employee productivity, agility, and digital dexterity through an engaging and intuitive work environment (employee experience).
- Participate in building a world-class Information Security Team.
About the Position
This is a hands-on, highly technical position within a fast-paced environment, reporting to the Director of Information Security at our technology center of excellence in Walnut Creek, CA. We are building the Information Security Program, and you will have a great experience building a greenfield environment.
- The role requires three to four days in the office.
- Provide best-in-class enterprise subject-matter expertise across all Cybersecurity controls for on-premises Infrastructure and Azure Cloud.
- Responsible for maintaining operational excellence status on cybersecurity services related to administration, availability, diagrams, documentation, updates, and policy management.
- Investigate and analyze security alerts to determine scope, urgency, impact, and remediation.
- Manage cyber security incidents and conduct triage/forensic analyses and root cause analyses of cyber-attacks.
- Continually improve internal scanning, detection, and reporting of security risks and anomalous activity.
- Provide input for Key Performance Indicators (KPIs) and Metrics reporting.
- Identify opportunities to automate or streamline current processes.
- Participate in tabletop exercises.
Role Requirements
- Bachelor’s degree with advanced security certifications such as CISSP, Certified Cloud Security Professional (CCSP), SANS GIAC, Offensive Security, Azure Certified Security Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100), etc.
- Six years of experience in Information/Cyber Security.
Bonus Skills (one or more)
- Expertise with Azure Cloud Security and the Azure Well-Architected Framework.
- Experience with Rapid7 InsightIDR and Microsoft Sentinel or other SIEM platforms to manage, create, and improve threat detection rules within the SIEM platform.
- Expertise in BeyondTrust PAM, other PAM solutions, and CrowdStrike Identity Exposure.
- Expertise with CrowdStrike or other EDR solutions, and CIS Operating System Hardening.
- Expertise with Palo Alto Networks Prisma or other cloud native tools.
- Expertise in Tenable One Vulnerability Management or other VM Platforms.
- Expertise with on-premises Fortinet FortiGate or other NGFW technologies.
- Expertise with Incident Detection and Response.
- Expertise with Snyk or other application code scanning tools, including SAST/DAST.
- In-depth understanding of networking and network security and common enterprise communication technologies.
- In-depth knowledge of MITRE ATT&CK, CIS and NIST CSF Frameworks.
- In-depth experience with various cybersecurity techniques and principles, such as Security Operations Center and SIEM, forensics, threat hunting, penetration testing, and threat intelligence.
- Designing and orchestrating requirements for CI/CD pipelines in DevSecOps.
- Experience with threat modeling.
- Experience with Microsoft Purview and Data Privacy.
- Experience with drafting security policies, procedures, SOPs.
- Proficiency in secure coding/scripting and automation.
Tags: Analytics Automation Azure CCSP CI/CD CISSP Cloud CrowdStrike DAST Data Analytics DevSecOps EDR Forensics GIAC KPIs MITRE ATT&CK Network security NGFW NIST Offensive security Pentesting Privacy SANS SAST Scripting SIEM SOC Threat detection Threat intelligence Vulnerability management
Perks/benefits: Career development Salary bonus