TITLE Sr. Security Engineer LOCATION Los Angeles, Ca 90045 or Tulsa, Oklahoma also – Relocation Offered DURATION Direct Hire Full Time SALARY To be discussed NOTE Please email Application Question Answers and Job Related Question Answers when applying Unable to support Corp to Corp Those authorized to work in US encouraged to apply. DKKD Staffing does not sponsor and cannot support H1, TN, etc. No outside agencies please. APPLICATION QUESTIONS Name Best Contact Info Your Linked In Where do you live and your desired geographical location Why looking for a new job Availability for interviews and a new job Are you open to relocation if required Do you have an active Passport Are you open to travel if needed Are you authorized to work in US (US, , Other) Do you require sponsorship at any time or will you in the future? Salary Expectations (I need a range) Sizes of staff overseen and their titles (include of direct reports) Budgetary Responsibility EducationCertsDegrees (also indicate which certs are active) Who Referred You How Did You Hear About Job DKKD Staffing JOB QUESTIONS Please provide your of years of experience per bullet and last year used or worked on per bullet as well. If none, indicate NA please. Elaborate as needed. Unexpired Security Certification (e.g., CISPP, CISA, SANS GIAC, etc.) 5+ years experience with information security, operational IT security, security architecture service design and supporting IT teams from an information security perspective 3+ years experience working in a technical, hands-on, information security role and 2 years experience SIEM product administration (e.g. Splunk), security scanning and testing platforms (e.g. Nessus), presenting to Stakeholders and Senior Leaders Working knowledge of HIPAA and NIST CSF standards including 800-37, 800-30, and 800-53.Strong communication (oral and written) skills, including the ability to influence without authority Proficient with MS Project, Excel, Visio, PowerPoint and SharePoint Accountable for developing, managing and integrating all functions of the IT security program required to support daily operations and reduce cyber risk across the enterprise Cloud Security Certification Digital andor infrastructure transformation initiatives HITUST and the HITRUST CSF framework Oversee security policies, procedures and technologies for on premise and cloud platforms Work with enterprise IT teams to ensure projects and company initiatives are conducted according to enterprise information security requirements and standards Lead virtual meetings and establish rapport with cross-functional teams Lead security-based assessments and drive continuous improvement in policy, systems and tools securing critical data and infrastructure Install, configure and maintain use of security infrastructure and tools to automate analysis capabilities for security event monitoring and log analysis Provide 247 operational IT security support in response to security alerts, investigations and threat remediation Publish executive level reports summarizing security incidents, identified vulnerabilities, potential exploitations and remediation steps to increase the organization s security posture Conduct periodic network scans, vulnerability assessments and penetration testing to detect security weaknesses Participate in the development of IT security policies and practices, including key security strategies to respond to and recover from security breach events Provide guidance for security needs based on national security organizations, frameworks and industry regulations JOB OVERVIEW TITLE Sr. Security Engineer Location Los Angeles, Ca 90045 or Tulsa, Oklahoma (preferred) Industry travel Staff to oversee None at this time. All security handles in-house at this time Report To VPCISO DKKD Staffing placed Salary To be discussedNOT open to Corp to CorpThose authorized to work in US encouraged to apply.DKKD Staffing does not sponsor and cannot support H1, TN, etc. No outside agencies please. Job Responsibilities This is a new position for the company. The hands-on Sr. Security Engineer is accountable for developing, managing and integrating all functions of the IT security program required to support daily operations and reduce cyber risk across the enterprise. This position will oversee all security policies, procedures and technologies for our on premise and cloud platforms work with the enterprise IT teams to ensure projects and company initiatives are conducted according to enterprise information security requirements and standards lead security-based assessments and drive continuous improvement in policy, systems and tools securing critical data and infrastructure. Build and Operate Controls Install, configure and maintain use of security infrastructure and tools to automate analysis capabilities for security event monitoring and log analysis. Work with team members, vendor partners and management to enable and support security operations, analyze and investigate security issues and ensure alignment with enterprise security requirements and standards. Provide 247 operational IT security support in response to security alerts, investigations and threat remediation. Publish executive level reports summarizing security incidents, identified vulnerabilities, potential exploitations and remediation steps to increase the organization s security posture. Collaborate with leadership and team members to understand business needs and develop solutions that meet enterprise information security standards. Review proposed system changes and ensure implemented system modifications do not adversely impact the security controls of the system. Monitor Compliance and Respond Conduct periodic network scans, vulnerability assessments and penetration testing to detect security weaknesses. Monitor networks and systems and investigate security breaches, through the use of software that detects intrusions and anomalous system behavior. Conduct incidentevent investigations, lead incident response and perform forensics analysis to identify, mitigate and contain a security breach. Conduct security program and controls assessments for level of maturity with industry frameworks (NIST) to identify deficiencies. Monitor networks (cloud and on premise) and associated technologies to ensure compliance with enterprise information security requirements and standards. Perform continuous security monitoring and systems security testing, provide mitigation solutions and patching requirements for identified findings. Collect, analyze and report on data from a variety of threat intelligence sources and proactively analyze indicators of compromise (IOCs), and known and emerging threats to the organization. Develop the Security Program Participate in the development of IT security policies and practices, including key security strategies to respond to and recover from security breach events. Participate in the development of tactical response plans, procedures and escalation processes to quickly and effectively respond to potential security incidents. Provide daily support for the adherence of policies, procedures and best practices across the enterprise. Provide Coaching and Guidance Participate in awareness training and testing of the workforce on information security standards, policies and best practices. Provide guidance for security needs based on national security organizations, frameworks and industry regulations. Coach, mentor and monitor teams on the IT security program s policies, procedures, requirements and standards and provide feedback. Perform Effective Communications Develop and deliver progress reports, proposals, requirements, documentation and presentations to various audiences, including project teams, sponsors, CIO and key stakeholders. Deliver appropriate and effective executive level communications, as needed. Other duties, as assigned. Position Requirements Required Bachelor s Degree in IT Security, Computer Science, or equivalent OR Equivalent Experience. Unexpired Security Certifications (e.g., CISSP, CISA, SANS GIAC, etc.) 5+ years experience with information security, operational IT security, security architecture service design and supporting IT teams from an information security perspective. 3+ years experience working in a technical, hands-on, information security role and 2 years experience SIEM product administration (e.g. Splunk), security scanning and testing platforms (e.g. Nessus), presenting to Stakeholders and Senior Leaders. Working knowledge of HIPAA and NIST CSF standards including 800-37, 800-30, and 800-53.Strong communication (oral and written) skills, including the ability to influence without authority. Proficient with MS Project, Excel, Visio, PowerPoint and SharePoint. Preferred Cloud Security Certification. Strong organizational, attention to detail and follow-up skills. Ability to work in an ambiguous environment and collaborate across multiple areas. Ability to effectively lead virtual meetings and establish rapport with cross-functional teams. Experience with digital andor infrastructure transformation initiatives. Knowledge of HITUST and the HITRUST CSF framework. Connect with us on Linked In www.LinkedIn.cominDianeKrehbiel httpwww.LinkedIn.cominDianeKrehbiel ALL DKKD JOBS www.DKKDstaffing.com httpwww.DKKDstaffing.com