Information Security Engineer
Remote
VDA Labs
VDA Labs provides services including Information Security Transformations, Penetration Testing, Incident Response, Code Security Audits, Advanced Training and more. You will also see us speaking frequently at Infosec events across the country.Company Description:
VDA Labs is a leader in Cyber Security, Adversary testing, Security intelligence, and helping customers on their Cybersecurity Journey. VDA Labs eliminates the complexity and burden of cybersecurity for organizations struggling to prepare for, prevent, and respond to cyber-attacks
Job Description:
Your primary responsibility will be to work with customers/clients around their security programs and assist them in improving their security posture for the organization. You’ll be part of a small team with a big impact focused on organization and infrastructure security. The right candidate will have the strong network experience and technical aptitude to assist in driving good technology choices through collaboration with an empowered team. We are looking for candidates who are passionate about delivering consistently great experiences within our growing engineering team.
Responsibilities:
- Researching, planning, and implementing security solutions that enable the organization to identify, protect, detect, respond, and recover from cyber threats and vulnerabilities to increase the organization’s security posture.
- Defining and developing security requirements using risk assessments, threat modeling, testing, and analysis of existing systems
- Ensuring technology initiatives are implemented within the security framework.
- Developing security integration plans to protect existing infrastructure and to incorporate into future solutions
- Assist customers in the development and maintenance of information security policies, standards, and control procedures to enable compliance with applicable regulations and industry standards, including Payment Card Industry Data Security Standard (PCI DSS), California Consumer’s Privacy Act (CCPA), SOC 2, and Sarbanes Oxley (SOX), NIST, CIS, etc.
- Securing enterprise information by identifying network and application security requirements, planning, implementing, and testing security controls and procedures.
- Keeping abreast of the latest intelligence from law enforcement and other sources of cyber threat information.
- Propose, design, plan and execute strategic and tactical operational security.
- Works with all departments and application vendors to implement and maintain security.
- Installation/Configuration of Security Products i.e. Firewalls, MFA, EDR, etc.
- Performs other related duties as assigned.
Requirements:
- Ability to install Multi-Factor platforms i.e. Cisco DUO, Okta, and integrate with SAML and other authentication methods.
- Ability to install Firewalls i.e. Palo Alto, Fortinet, Cisco
- Ability to install NextGen EDR Platforms SentinelOne, Palo Alto XDR, Crowdstrike
- Expertise with AWS and Azure Infrastructure and Security Operations, Security Principles and Policies, Red/Blue Team Operations, and Offensive Security. Expertise in a variety of security information and event management (SEIM), data loss prevention (DLP), intrusion prevention systems (IPS), and other tools used in security operations. Working knowledge of modern application development tools and methodology
- Minimum 3 years of IT experience designing and implementing cutting-edge cybersecurity capabilities at an enterprise scale.
- Experience collecting data from multiple sources and consolidating results into analytic models, alerts, and reports
- Experienced meeting corporate security policies and regulatory requirements
- Solid understanding of NIST/CIS Cybersecurity Framework
- Well-versed in incident response and investigative processes
- Extensive experience with cloud-based technologies (AWS/Azure/GCP and how to enhance security postures)
Preferred:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Security +
- GIAC Security Expert (GSE)
- GIAC Systems and Network Auditor (GSNA)
- Computer Security Incident Handler (CSIH)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Ethical Hacker (CEH)
Benefits:
- Healthcare
- Vision/Dental
- 401k - Matching
- Flexible PT
Tags: Application security AWS Azure Blue team CCPA CEH CISM CISSP Cloud Compliance CrowdStrike EDR Firewalls GCFA GCIH GCP GIAC GSNA Incident response Intrusion prevention IPS NIST Offensive security Okta PCI DSS Privacy Risk assessment SAML SOC SOC 2 SOX Vulnerabilities XDR
Perks/benefits: 401(k) matching Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Principal Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Cyber Security Specialist jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs
- Open IPS-related jobs