Information Security Engineer
Company: machindustries.com
Location: Huntington Beach
Posted on: November 12, 2024
Job Description:
Mach is a defense manufacturing company that builds munitions to
help the United States win future wars. Backed by $85M in funding
from top venture firms, our small lean team ideates, designs,
manufactures, and sells cutting-edge weapons to the Department of
Defense.Role Summary:We are seeking a skilled Information Security
Engineer to join our team, responsible for protecting our
organization's information systems and data. The primary objective
of this role is to implement and maintain security measures that
comply with industry standards, including NIST 800-171 and CMMC,
while effectively managing risks associated with information
security. The successful candidate will play a vital role in
conducting risk assessments, responding to security incidents, and
fostering a culture of security awareness within the
organization.Key Responsibilities:
- Implement and maintain compliance with NIST 800-171 and CMMC
frameworks, ensuring the organization meets all necessary security
requirements.
- Conduct comprehensive risk assessments to identify
vulnerabilities and implement effective risk mitigation strategies
across the organization.
- Stay current with DoD cybersecurity policies, including the
Risk Management Framework (RMF), to ensure all practices align with
regulatory requirements.
- Utilize SIEM, EDR/XDR, and SOAR tools to monitor, assess, and
enhance the security posture of the organization.
- Execute scanning, reconnaissance, and penetration testing to
discover weaknesses in security defenses and enhancements.
- Manage and secure cloud services, including but not limited to
AWS, Azure, and DISA mil, ensuring compliance with security
requirements.
- Develop scripts using bash, shell, PowerShell, and other
programming languages to automate security tasks and improve
efficiency.
- Lead responses to security incidents, overseeing investigation,
containment, eradication, and recovery processes. Conduct
post-incident reviews and suggest improvements for future
prevention.
- Design and conduct security training and awareness programs to
educate staff on security policies and best practices, promoting a
security-first culture.
- Maintain detailed documentation of security systems, policies,
procedures, and incident reports. Update security documentation as
necessary to reflect changes in procedures or regulations.
- Conduct detailed analysis of security events, compile data, and
provide insights in written reports, correspondence, or verbal
briefings to stakeholders.Minimum Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology,
Computer Science, or a related field, or equivalent
experience.
- Minimum of 5 years of experience in cyber/information security
roles, with a focus on risk assessment and compliance.
- Hands-on experience with NIST 800-171, CMMC, and the Risk
Management Framework (RMF).
- Proficiency with SIEM tools, EDR/XDR tools, SOAR tools, and
cloud security tools. Familiarity with IT networking, Windows, and
cloud systems.
- Proficient in bash, shell, PowerShell, Python, and/or basic
scripting on Linux and Windows platforms.
- Strong analytical skills, attention to detail, and the ability
to manage multiple projects in a fast-paced environment.Preferred
Qualifications:
- Certifications such as Certified Information Systems Security
Professional (CISSP), Certified Information Security Manager
(CISM), or similar credentials.
- Experience with advanced cybersecurity frameworks and
methodologies, including incident response and penetration
testing.
- Experience with securing cloud platforms and services,
particularly AWS, Azure, and GCP.Ideal Candidate:
- The ideal candidate is proactive, detail-oriented, and thrives
in a dynamic, collaborative environment. They possess a strong
understanding of information security principles and the ability to
analyze complex security issues. A successful Information Security
Engineer will have experience in conducting risk assessments and
implementing security measures that are compliant with industry
standards. They should be adept at using various security tools and
technologies, as well as possess a solid foundation in IT
networking and cloud security. Strong communication and training
abilities are essential for this role, as the candidate will be
responsible for fostering a culture of security awareness within
the organization.
#J-18808-Ljbffr
Keywords: machindustries.com, Cerritos , Information Security Engineer, Engineering , Huntington Beach, California
Didn't find what you're looking for? Search again!
Loading more jobs...