Info Security Engineer II POST NUMBER: 419147
- LOCATION: all positions based in Cypress CA. All candidates should be local to Orange County CA. Employees must adhere to hybrid work schedule (minimum of 2 days in the office, per week)
- WORK STATUS: No visa sponsorship available. Green Card holder or US Citizen only
Job Description
JOB SUMMARY
The Information Security Engineer II will play a crucial role in safeguarding the company's assets and ensuring the confidentiality, integrity, and availability of our information systems and data. The Information Security Engineer II will play a pivotal role in the design, implementation, and maintenance of multiple security solutions. In addition, the Information Security Engineer II will work closely with other teams to promote secure designs and practices across the company to mitigate risks and meet business objectives and regulatory requirements.. ESSENTIAL FUNCTIONS
Security Roadmap – Ability to guide the organization in the development of the Security Program Roadmap.
- Contribute to the development of the Security Program Roadmap
- Develop an understanding of the organizational risk profile, organizational threats, and 3rd party compliance requirements
Security Engineering - Architects and implements security technologies.
- Assist with identifying potential security technologies and researching their capabilities.
- Contributes to the design and implementation of security solutions
- Contributes to identifying migration / upgrades for end-of-life technologies
- Recommend security improvements to management
- Administer security tools and troubleshoot issues that arise
Threat Management - Ability to understand security threats and their risk to the organization.
- Contribute to the research of new and existing security threats and provide input to their potential risk to the environment
- Understands the anatomy of a breach and provides assistance with investigations
Security Governance - Establish and maintain self-audits, policies, and procedures to provide assurance that information security strategies are aligned with applicable laws and regulations through adherence to internal controls.
- Propose areas for "self-audits" based on security assessments and/or new technology deployments
- Propose security policies or procedures based on security assessments and/or new technology deployments
SUPPLEMENTAL DUTIES & RESPONSIBILITIES
- Serve as technical liaison with vendors
- Pursues training and development opportunities; strives to continuously build knowledge and skills
- Assist personnel in other technology departments to resolve technical and/or application issues
- Participate and assist in the coordination of both internal and external audits
- Other duties as requested
REQUIRED & PREFERRED QUALIFICATIONS
- Bachelor’s Degree or equivalent work experience in a related field required
- 3 years’ experience in an Information Security role with responsibilities in assessing application and infrastructure architectures for security threats and vulnerabilities, strongly preferred
- Alternatively, 5 years’ in a Senior level network/systems role with a strong focus on Security, required
- Must be self-motivated and able to work independently, with minimal supervision and as part of a team
- Hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Secure Email Gateways, Web Content Filters, Proxies, DLP, SIEM) required
- Solid foundational understanding of networking concepts required
- Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), CompTIA Security , CompTIA Network , highly desirable
- Knowledge and experience with common information security management frameworks and best practices, specifically the National Institute of Standards and Technology (NIST) frameworks and Center for Internet Security (CIS) Critical Security Controls, highly desirable
- Understanding of cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network and application security and/or data protection, preferred
- Experience implementing security concepts with at least one major IaaS vendor is preferred
- Detail oriented with excellent interpersonal communication skills
- Expected to effectively partner and collaborate with other teams on an ongoing basis
- Strong conceptual thinking and communication skills - the ability to translate medium complexity business and technical requirements into effective solutions
- Strong organizational skills and ability to multi-task in an enterprise business environment
- Ability to manage/track completion of multiple ongoing projects and remediation tasks
- Proficient technical documentation skills
- Strong written, verbal and presentation communication skills and ability to communicate at all levels within an organization
CORE COMPETENCIES
Problem Solving - Ability to problem solve through problem identification (what is the problem), solution assessment (what can be done), problem documentation (document for future) and problem response (implementing a solution).
Able to:
- Frame problems before trying to solve them
- Seek advice from those who have solved similar problems
- Follow up to ensure that the problem has been resolved
- Document and disseminate identification and resolution of problems to avoid future redundant work efforts
- Break down problems and identify all of their components
- Provide insight into the root-causes of problems
- Anticipate problems and is proactive in addressing them
Decision making - Makes sound, well-informed, and objective decisions; perceives the impact and implications of decisions; commits to action, even in uncertain situations, to accomplish organizational goals.
Able to:
- Gather data and others' input when making decisions
- Consider lessons learned from experience, differing needs, and the impact of the decision on others
- Escalate decisions when appropriate
- Balance analysis, insight, experience, and perspective when making decisions
- Find solutions that are acceptable to diverse groups with conflicting interests and needs
Customer Service - Ability to develop and maintain strong relationships with customers by listening, understanding and responding to their needs.
Able to:Building Collaborative Relationships - Develops, maintains, and strengthens partnerships with others inside or outside the organization.
- Provide service to internal and external customers to satisfy their needs and expectations
- Listen to concerns and resolve reported issues effectively and promptly
- Ensure and comply to customer response timeline (SLAs) based on the severity of reported issues including documenting concise and accurate status information in the Service Now ticketing system
- Commit to continuous improvement
- Anticipate customer’s needs and move to effectively address issues
- Establish relationship with customers providing education as appropriate
- Deliver high quality solutions
Able to:
- Establish rapport with co-workers easily
- Work with others to achieve goals
- Listen and respond constructively to other team members' ideas
- Encourage and facilitate cooperation, pride, trust and group identity
- Foster commitment and team spirit
- Offer support for others' ideas and proposals
- Be open with other team members about his/her concerns
- Share his/her expertise with others
Accountability - Holds self-accountable for measurable high-quality, timely, and cost-effective results.
Able to:
- Facilitate between own functional area and areas below or above in the work stream as needed
- Set well-defined and realistic goals
- Comply with established policies and procedures
- Accept responsibility for mistakes
- Take ownership of successful outcome of work assignments/projects through collaborative efforts with team
- Minimize re-work
- Seek out learning opportunities
- Identify training needs and take action to obtain knowledge
- Persistently push self and others for results
- Collaborate between own functional area and areas below or above in the work stream needed
- Help others
- Persistently pushes self and others for results
- Provide consistency between projects
- Display initiative, effort, and commitment towards completing assignments
Company Business Knowledge - Understands the company, its products and the business processes.
Able to:
Understands Reliance business and how technologies can support business processes.
Communication - Ability to communicate effectively across all levels to support departmental and organizational objectives.
Able to:
- Clearly express information taking into account audience and nature of the information (for example, non-technical, sensitive, and controversial)
- Ask questions and summarize what was heard to prevent miscommunication
- Present information in a concise and focused manner
- Listen to others
- Communicate written information (for example, facts, ideas, or messages) in a succinct and organized manner
- Produce written information, which may include technical material that is appropriate for the intended audience
Leadership – Displays effort and commitment in carrying out the department’s goals and objectives.
Able to:
- Act in a proactive and achievement-oriented manner
- Treat co-workers in a fair and equitable manner
- Behave in a tactful, compassionate, and sensitive manner
- Empower others by sharing information
- Actively listen and clarify information as needed
- Foster an atmosphere of open communication
YEARS OF EXPERIENCE (Check applicable box)
N/A Less than one year 1-2 years 2-5 years 5-7 years 7-10 years 10-15 years 15 years LEVEL OF EDUCATION (Check applicable box)
N/A High School/GED Associate degree Bachelor degree Master degree Doctoral degree JOB LEVEL (Check applicable box)
Associate Lead Supervisor Manager Director Vice President PHYSICAL REQUIREMENTS / WORK ENVIRONMENT (Check appropriate category)
Environment
CHECK APPROPRIATE CATEGORY TO FUNCTION IN THE JOB Sedentary work - Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met. Light work - Exerting up to 20 pounds of force frequently, and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg control requires exertion of forces greater than that of sedentary work and if the worker sits most of the time, the job is considered light work. Medium work - Exerting up to 50 pounds of force occasionally, and/or up to 20 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects. Heavy work - Exerting up to 100 pounds of force occasionally, and/or up to 50 pounds of force frequently, and/or up to 20 pounds of force constantly to move objects. Very heavy work - Exerting in excess of 100 pounds of force occasionally, and/or in excess of 50 pounds of force constantly to move objects. Physical Requirements (Check if essential to perform the job) Stand or Sit (Stationary position) Walk (Move, Traverse) Use hands/fingers to handle or feel (Operate, Activate, Use, Prepare, Inspect, Place, Detect, Position) Climb (stairs/ladders) or balance (Ascend/Descend, Work atop, Traverse) Stoop, kneel, crouch, or crawl (Position self (to), Move) Talk/hear (Communicate, Detect, Converse with, Discern, Convey, Express oneself, Exchange information) See (Detect, Determine, Perceive, Identify, Recognize, Judge, Observe, Inspect, Estimate, Assess) Pushing or Pulling Reaching Repetitive Motion
Office setting; controlled temperature environment
Field & Office setting; predominately controlled temperature environment
Warehouse/Field setting; minimal temperature environment
TRAVEL REQUIREMENTS (Check applicable box)
Not Applicable Up to 10% Up to 25% Up to 50% Up to 75% Up to 100%
Vaco values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
EEO Notice
Vaco is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law.
Vaco LLC and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco LLC and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR@vaco.com .
Vaco also wants all applicants to know their rights that workplace discrimination is illegal.
By submitting to this position, you agree that you will be giving Vaco the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal.
Privacy Notice
Vaco LLC and its parents, affiliates, and subsidiaries (“we,” “our,” or “Vaco”) respects your privacy and are committed to providing transparent notice of our policies.
- California residents may access Vaco’s HR Notice at Collection for California Applicants and Employees here.
- Virginia residents may access our state specific policies here.
- Residents of all other states may access our policies here.
- Canadian residents may access our policies in English here and in French here.
- Residents of countries governed by GDPR may access our policies here.
Pay Transparency Notice
Determining compensation for this role (and others) at Vaco depends upon a wide array of factors including but not limited to:
- the individual’s skill sets, experience and training;
- licensure and certification requirements;
- office location and other geographic considerations;
- other business and organizational needs.
With that said, as required by local law, Vaco believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.