Sr. Security Engineer

Job Summary
The Security Engineer for Golden State will leverage processes and technology to ensure the organization’s systems and data are secure. Acting as a key cybersecurity stakeholder, the security engineer will devise and manage a security roadmap that maintains and strengthens the company's security posture. This is a hands‑on role that requires active participation in assessing and remediating security vulnerabilities and managing security incidents.

Success in this role requires an individual who is organized, assertive, resourceful and an excellent communicator.

• Cybersecurity Operations:
  Execute cybersecurity processes, procedures, and policies;
• Lead and/or participate in cybersecurity investigations, working with other team members to find and validate indicators of compromise.
• Participate in threat hunting activities using tools and data available; make recommendations to enrich data sources for more accurate correlation.
• Work with other team members to remediate security threats and compromises.
• Work with other team members to identify root cause of security incidents and formulate preventative action plans.
• Monitor and assess the company’s security landscape on a continual basis, prioritizing urgent security patches and remediations as needed.
• Leverage vulnerability scanning tools to ensure security patches have been properly applied.
• Promote awareness by drafting regular cybersecurity bulletins and tips to the end‑user community and conducting training sessions.
• Partner with and manage security service providers.
• Lead and/or participate in regular security team meetings and prepare status reports.

• Support and maintain the cybersecurity platform (vulnerability management, web proxies, endpoint and email protection, SIEM, privileged account management, etc.).
• Process requests related to security tools (e.g., firewall exceptions, web usage reports).
• Perform and/or coordinate patches and upgrades to these systems as needed.
• Address any security questions from internal and external audits and examinations.
• Perform security and risk assessments on potential affiliates, technology solutions and service providers.

• Continuously assess the organization’s security posture, report findings and make recommendations.
• Stay up‑to‑date on cybersecurity best practices, trends and technologies.
• Evaluate additional security products and services as needed.

• Regular travel requirements:
  None.

• Four‑year college preferred or commensurate work experience.
• Certified Information Systems Security Professional (CISSP), or related certification.

• 4+ years experience as a cybersecurity analyst/engineer.
• Previous experience as a client/server or infrastructure engineer.
• 3+ years conducting IT compliance exercises (system access audits, penetration tests, change management audits).

• Antivirus/Malware Software (Sentinel One, Crowd Strike)
• Cybersecurity Frameworks (NIST, ISO 27000)
• Security Incident Response Frameworks
• Vulnerability Scanning and Management tools (e.g., Tenable, Rapid7)
• Email Protection (Mimecast, ProofPoint)

• Power Shell, BASH
• IPS/IDS Technology
• Web Gateways
• SIEM Technologies (i.e., Exabeam, Splunk)
• Networking Concepts
• Client and Server Operating Systems (e.g., Windows, Linux)
• Active Directory & Azure AD
• Microsoft 365
• Cloud Firewall (Zscaler)
• MFA/2FA
• SSO (SAML, OAUTH)

• Web Services
• Service Now
• Agile Methodology
• Patching Tools (SCCM)
• Enterprise Architecture
• Backup Technologies (i.e., Veeam, Cohesity, Comm Vault)
• PCI Compliance
• Privileged Access Management (i.e., Thycotic, Cyber Ark)
• Apple iOS
• ITIL
• Database Technologies (SQL, Oracle)

• Maintains the highest standards. Treats others the way you’d like to be treated. Makes the best product. Gives the customer a fair deal.
• Trust. Exhibits sense of fairness. Leads by example. Consistently lives the Values and Creed.
• Inspiration to Others. Walks the talk. Is supportive of others. Helps others develop great ideas. Looks for the best in others. Rewards positive…