Pacific Specialty Insurance Company Anaheim, CA 92808
Systems Engineer - Cyber Security
The IT Infrastructure group is responsible for ensuring that PSIC proactively identifies and assesses threats to its network and data, monitors its network for malicious activity, investigates intrusions and other relevant events, and has a sophisticated and detailed understanding of the evolving threat landscape. This position will engage with project teams and collaborate with other parts of the Information Technology group and with experts in the lines of business to identify threats, create strategies to better protect technology assets, and deploy technologies and processes to put those strategies into action. You will contribute to strategically managing risk and proactively adapting to evolving threats and business needs. Performing risk assessments, evaluating and assigning security controls, assisting with the development, design, and implementation of security architectures, project security support, and technical experience are all important skill sets for this position.
Essential Duties and Responsibilities
Evaluates current systems environments, conducts research, recommends, and implements innovative systems technology that can enhance the reliability, security (with emphasis on cyber security technology), productivity, and agility of the IT infrastructure
Identifies assets and assesses risks, threats, and vulnerabilities of the IT assets in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, non-repudiation and contract compliance.
Identifies and recommends cyber strategies for technology development based on stakeholder requirements
Drives security reviews, identifies gaps in security architecture, and designs and recommends necessary security controls to be integrated within the development lifecycle
Owns and documents the implementation of the security controls and creates auditable evidence of security measures
Develops and recommends security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules
Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation
Actively recommends engineering solutions in collaboration with application owners to remediate inherent cyber security risks
Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement
Performs ongoing performance tuning, hardware upgrades, and resource optimization; configures CPU, memory, and disk partitions as required.
Installs new and rebuilds existing servers and configures hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.
Essential Education and Skills
Bachelor's degree in Computer Science or related field, or equivalent work experience
6+ years of Information Technology experience, with at least 3 years of experience in information security working within security operations
Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
Mastery of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
Mastery of computer networking concepts and protocols, and network security methodologies
Mastery of cloud security concepts, including experience with public cloud (e.g. AWS, Microsoft Azure, etc.) and implementation experience
Knowledge, Skills, and Abilities:
Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
Experience monitoring threats via a SIEM console
Deep knowledge of diverse operating systems, networking protocols, and systems administration
Knowledge of Intrusion Detection/Prevention Systems
Knowledge of Antivirus Systems
Knowledge of commercial forensic tools
Knowledge of common indicators of compromise and of methods for detecting these incidents
Knowledge of TCP/IP Networking and knowledge of the OSI model
Knowledge of OS management and Network Devices
Solid working knowledge of SAN and NAS technology and VMware
Experience with Windows systems administration: Domain Controllers, Active Directory, Sites and Services, File Server, GPO, DNS, SMTP, IIS, etc.
Experience with PowerShell scripting
Experience with SQL Server, Windows virtualization, and Linux servers
Excellent problem-solving, critical thinking, and analytical skills - ability to deconstruct problems
We offer an excellent benefits package, an outstanding 401k and a business casual work environment. If you are interested in this position, please provide a resume together with a cover letter explaining how you feel your skills meet the requirements of this position and apply today!