Information Security Engineer

Remote

Applications have closed

VDA Labs

VDA Labs provides services including Information Security Transformations, Penetration Testing, Incident Response, Code Security Audits, Advanced Training and more. You will also see us speaking frequently at Infosec events across the country.

View company page

Company Description:

VDA Labs is a leader in Cyber Security, Adversary testing, Security intelligence, and helping customers on their Cybersecurity Journey. VDA Labs eliminates the complexity and burden of cybersecurity for organizations struggling to prepare for, prevent, and respond to cyber-attacks

 

Job Description:

Your primary responsibility will be to work with customers/clients around their security programs and assist them in improving their security posture for the organization. You’ll be part of a small team with a big impact focused on organization and infrastructure security. The right candidate will have the strong network experience and technical aptitude to assist in driving good technology choices through collaboration with an empowered team. We are looking for candidates who are passionate about delivering consistently great experiences within our growing engineering team.

 

Responsibilities:

  • Researching, planning, and implementing security solutions that enable the organization to identify, protect, detect, respond, and recover from cyber threats and vulnerabilities to increase the organization’s security posture.
  • Defining and developing security requirements using risk assessments, threat modeling, testing, and analysis of existing systems
  • Ensuring technology initiatives are implemented within the security framework.
  • Developing security integration plans to protect existing infrastructure and to incorporate into future solutions
  • Assist customers in the development and maintenance of information security policies, standards, and control procedures to enable compliance with applicable regulations and industry standards, including Payment Card Industry Data Security Standard (PCI DSS), California Consumer’s Privacy Act (CCPA), SOC 2, and Sarbanes Oxley (SOX), NIST, CIS, etc.
  • Securing enterprise information by identifying network and application security requirements, planning, implementing, and testing security controls and procedures.
  • Keeping abreast of the latest intelligence from law enforcement and other sources of cyber threat information.
  • Propose, design, plan and execute strategic and tactical operational security.
  • Works with all departments and application vendors to implement and maintain security.
  • Installation/Configuration of Security Products i.e. Firewalls, MFA, EDR, etc.
  • Performs other related duties as assigned.

 

Requirements:

  • Ability to install Multi-Factor platforms i.e. Cisco DUO, Okta, and integrate with SAML and other authentication methods.
  • Ability to install Firewalls i.e. Palo Alto, Fortinet, Cisco
  • Ability to install NextGen EDR Platforms SentinelOne, Palo Alto XDR, Crowdstrike
  • Expertise with AWS and Azure Infrastructure and Security Operations, Security Principles and Policies, Red/Blue Team Operations, and Offensive Security. Expertise in a variety of security information and event management (SEIM), data loss prevention (DLP), intrusion prevention systems (IPS), and other tools used in security operations. Working knowledge of modern application development tools and methodology
  • Minimum 3 years of IT experience designing and implementing cutting-edge cybersecurity capabilities at an enterprise scale.
  • Experience collecting data from multiple sources and consolidating results into analytic models, alerts, and reports
  • Experienced meeting corporate security policies and regulatory requirements
  • Solid understanding of NIST/CIS Cybersecurity Framework
  • Well-versed in incident response and investigative processes
  • Extensive experience with cloud-based technologies (AWS/Azure/GCP and how to enhance security postures)

 

Preferred:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Security +
  • GIAC Security Expert (GSE)
  • GIAC Systems and Network Auditor (GSNA)
  • Computer Security Incident Handler (CSIH)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • Certified Ethical Hacker (CEH)

 

Benefits:

  • Healthcare
  • Vision/Dental
  • 401k - Matching
  • Flexible PT

Tags: Application security AWS Azure Blue team CCPA CEH CISM CISSP Cloud Compliance CrowdStrike EDR Firewalls GCFA GCIH GCP GIAC GSNA Incident response Intrusion prevention IPS NIST Offensive security Okta PCI DSS Privacy Risk assessment SAML SOC SOC 2 SOX Vulnerabilities XDR

Perks/benefits: 401(k) matching Flex hours

Region: Remote/Anywhere
Job stats:  1226  119  1

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.