Unclassified - San Francisco, CA
posted 4 months ago
This job performs ongoing cybersecurity risk reviews for new and existing technologies and services and supports ongoing and new cybersecurity projects. Individuals in this role develop requirements for and implement technical security projects and tools, as well as define the company's cybersecurity policies and control framework. This position collaborates with the company's IT department and business units to identify the need for, select, and deploy technical controls to meet specific security requirements. Employees in this role build processes and standards to ensure security requirements continue to be met. The responsibilities include administering, operating, and monitoring the company's information security sensors, logging, alerting, and other detection mechanisms to identify and respond to threats. The individual acts as a subject matter expert for one or multiple assigned cybersecurity technology stacks, such as identity and access management, network intrusion detection and prevention, and host-based security tools. Additionally, the role involves managing and maintaining the Cloud-Native Application Protection Platforms (CNAPP) and Cloud Security Posture Management (CSPM) platforms. Collaboration with the cybersecurity team is essential to identify, evaluate, and recommend new security technologies for suitability within the company's environment and security posture. The individual communicates ongoing cybersecurity activities, priorities, and risk measurements or mitigations at multiple organizational levels. They also provide guidance for security activities and requirements in the system development life cycle (SDLC) and application development efforts, participating in organizational projects as required and performing other job-related duties as assigned.