This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Altais Health Solutions - Oakland, CA
posted 2 months ago
About the position
The Senior Security Engineer at Altais is responsible for maintaining and enhancing the security infrastructure, identifying threats and vulnerabilities, and mitigating security risks. This role involves monitoring incident response alerts, conducting vulnerability scans, and providing regular updates on the security threat posture to business and technology leaders. The engineer will also participate in IT policy creation and act as a subject matter expert in various security-related projects.
Responsibilities
- Maintain and mature the security infrastructure.
- Recognize threats and vulnerabilities to networks, data, applications, and infrastructure.
- Monitor incident response alerts and respond to those impacting infrastructure and business operations.
- Provide regular reviews of the security threat posture to business and technology leaders.
- Document and manage work through a ticketing system and change control process.
- Perform vulnerability scans using vendor utility tools.
- Monitor security audit and intrusion detection system logs for anomalies.
- Investigate and escalate security violations and unauthorized access attempts.
- Recommend and deploy configuration changes to improve security posture.
- Evaluate the security of cloud infrastructure and establish security requirements.
- Remain current with emerging threats and configure systems to mitigate risks.
- Create and maintain IT policies.
- Detail and communicate recommended security controls and deficiencies.
- Participate as the Information Security subject matter expert in project teams.
Requirements
- Bachelor's degree or equivalent experience.
- 7+ years of experience with information technology at scale.
- 3-5 years of information security engineering, vulnerability management, incident response, or related network security experience.
- Experience working in a 24x7 distributed operational environment.
- Experience driving measurable improvement in monitoring and response capabilities at scale.
- Experience operating and defining controls for security frameworks such as HIPAA, GDPR, PCI-DSS, ISO 27K, COBIT, COSO, NIST 800-53/171, NIST CSF, CIS, OWASP, HITRUST, FISMA, NERC CIP.
- Experience with EDR technologies such as Crowdstrike or Defender.
- Experience with eDiscovery processes and requirements.
- Experience managing and writing IT and Information Security policies.
- Process mapping and data flow modeling experience.
- Active Directory administration.
- Experience with identity and access management (SAML, OIDC, ADFS, SCIM, LDAP).
- Windows/xNix Server administration.
- Knowledge of OWASP, CIS and MITRE frameworks, IaaS (Azure).
- Industry recognized certifications (CISSP, CCSP, CISM, CRISC, etc.).
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Benefits
- Competitive compensation package
- Robust benefits program
