Information Security Engineering and Architecture Engineer III
Los Angeles, CA, US, 90017
Applications have closed
L.A. Care Health Plan
Salary Range: $121,056.00 (Min.) - $160,400.00 (Mid.) - $180,021.00 (Max.)
Established in 1997, L.A. Care Health Plan is an independent public agency created by the state of California to provide health coverage to low-income Los Angeles County residents. We are the nation’s largest publicly operated health plan. Serving more than 2 million members in five health plans, we make sure our members get the right care at the right place at the right time.
Mission: L.A. Care’s mission is to provide access to quality health care for Los Angeles County's vulnerable and low-income communities and residents and to support the safety net required to achieve that purpose.
Job Summary
The Information Security (InfoSec) Engineering and Architecture (ISEA) Engineer III follows a “Security by Design” Methodology ensuring Security is built-into products, technologies, SaaS solutions, etc. in the early phases of a technology or solution implementation. This position engineers, implements, and maintains information security systems and controls for L.A. Care Health Plan.
The ISEA Engineer III works closely with the Cyber Defense Operations Center (CDOC) Analysts and the various departments and technical staff within Information Technology (I.T.). This position collaborates with business units on the front end in the build of a new solution to ensure security measures are in place from the beginning of the project. Acts as a Subject Matter Expert (SME), serves as a resource and mentor for other staff.
Duties
Ensures all InfoSec tools are configured appropriately. Ensures all InfoSec tools are capturing and displaying the most relevant and actionable information the tool is designed to deliver. Ensures all InfoSec tools are running at their current supported versions.
Proactively develops and enforces security plans and standards to maintain the confidentiality, integrity, and availability of the organization’s and member’s data.
Interfaces directly with technical and business staff to design and implement security architectures to protect LA Care information assets.
Develops systems and processes to prevent information and infrastructure breaches.
Designs and implements elegant solutions to complex security and risk problems.
Applies appropriate technologies while following security engineering best practices.
Fosters constructive dialogue and problem resolution when confronted with differing viewpoints on security risks.
Conducts research to identify attack vectors against the organization. Identifies and assesses vulnerabilities and risks to enterprise applications, infrastructure, and data. Develops and implements technical solutions to counter vulnerabilities and risks.
Develops plans for incident response.
Duties Continued
Acts as the technical expert in multiple domains to lead the Information Security team during incident and breach responses.
Leads security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership. Provides security consulting services to various projects.
Creates security guidance and documentation. Develops security tools and automation.
Supports the enterprise data loss prevention program by identifying and controlling data loss channels.
Works with IT and business units to address their data loss prevention requirements.
Provides on-call support on a rotational basis as part the Information Security team.
Applies subject expertise in evaluating business operations and processes. Identifies areas where technical solutions would improve business performance. Consults across business operations, providing mentorship, and contributing specialized knowledge. Ensures that the facts and details are correct so that the project’s/program's deliverable meets the needs of the department, and organization policies, standards, and best practices. Provides training, recommends process improvements, and mentors junior level staff, department interns, etc. as needed.
Performs other duties as assigned.
Education Required
Bachelor's Degree in Science or TechnologyIn lieu of degree, equivalent education and/or experience may be considered.Education Preferred
Experience
Required:
At least 6 years of experience in a senior Information Security role.
Operational experience configuring and managing a Security Information and Event Management (SIEM) platform.
Operational experience using and configuring a vulnerability management platform.
Operational experience using a static application security testing platform.
Operational experience assessing and securing cloud computing environments (e.g., AWS, Azure, etc.).
Preferred:
Operational experience building or reviewing threat models.
Operational experience in a regulated environment (e.g., classified networks, healthcare, finance, banking, etc.).
Skills
Required:
Strong working knowledge in one or more of the following disciplines: DevOps, Digital Forensics, Penetration Testing, Programming (Java preferred), and/or System or Network Administration.
Working knowledge of data loss prevention (DLP) toolsets.
Strong understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP/S, etc.).
Understanding of web service frameworks and service architectures (such as event-driven, service-oriented, or server less architectures).
Ability to collaborate with internal and external key stakeholders.
Combination of strong troubleshooting, technical, and communication skills.
Licenses/Certifications Required
Licenses/Certifications Preferred
Required Training
Physical Requirements
LightAdditional Information
Professional Certifications
Preferred:
One or more of:
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Certified Hacking Forensic Investigator (CHFI)
GIAC Certified Detection Analyst (GCDA)
Offensive Security Certified Professional (OSCP)
Salary Range Disclaimer: The expected pay range is based on many factors such as geography, experience, education, and the market. The range is subject to change.
L.A. Care offers a wide range of benefits including
- Paid Time Off (PTO)
- Tuition Reimbursement
- Retirement Plans
- Medical, Dental and Vision
- Wellness Program
- Volunteer Time Off (VTO)
Tags: Application security Automation AWS Azure Banking CEH CHFI CISSP Cloud Cyber defense DevOps Finance Forensics GIAC Incident response Java Offensive security OSCP Pentesting SaaS SAST SIEM TCP/IP TLS Vulnerabilities Vulnerability management
Perks/benefits: Career development Health care Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs