Logo
Auriga Corporation

Auriga Corporation is hiring: Senior Cybersecurity Engineer in Los Angeles

Auriga Corporation, Los Angeles, CA, United States, 90079

Save Job

Job Summary

Cybersecurity Engineering Services develop advanced security solutions in line with organizational specifications, regulations, and compliance.

Benefits

  • 401(k)
  • 401(k) matching
  • Competitive salary
  • Dental insurance
  • Flexible schedule
  • Health insurance
  • Paid time off
  • Profit sharing
  • Vision insurance

Job Responsibilities

  • Assist with security strategy updates addressing the evolving risk landscape.
  • Assist with security governance, aligned to NIST CSF, as required to sustain an effective cybersecurity program.
  • Assist with 3rd parties/projects/initiatives security risk assessments and provide solutions recommendations as needed.
  • Assist with security operations management update/improvement as required.
  • Manage information security-related activities of the agency including the analysis, identification, estimation of InfoSec efforts and the development, planning, testing, and documenting of remediation measures.
  • Develop, conduct, and document executive-level reporting and strategy formulation.
  • Create and maintain a centralized information security register to manage all InfoSec information and document changes relevant requirements.
  • Collaborate with internal and external stakeholders to maintain an understanding of current risks, new systems, and changes to the environment.
  • Support development, implementation, and maintenance of strong security risk & compliance processes for new and existing deployments.
  • Participate in vendor due-diligence processes and third-party security risk management efforts; in addition to performing contract reviews as it relates to Information Security.
  • Support internal and external audit and assessment processes for relevant compliance (PCI DSS, Privacy, etc.).
  • Create security guidelines, checklists, and other documentation to support projects and initiatives.
  • Develop and present metrics, reports, and dashboards.
  • Develop documentation for information security controls, acquisitions, and process or system changes.
  • Stay up to date on developing regulatory concerns, evolving IT, and information security trends.
  • Contribute to ensuring that the Equal Employment Opportunity (EEO) policies and programs are carried out.
  • May be required to perform other related job duties.

Knowledge & Experience Requirements

  • Experience working with a transit Universal Fare System (UFS) and the Cubic Payment Application (CPA) as it relates to transportation agency data compliance.
  • Knowledge of cybersecurity technology and compliance in transit systems.
  • Demonstrable strong background in the processes, policies, procedures, systems, practices, and professional standards of cybersecurity.
  • Demonstrable knowledge of industry best practices and relevant legal requirements as they pertain to cybersecurity, compliance, and privacy laws and regulations including TSA/DHS transport directives, DMV rules and regulation and other transportation agency cyber security rules and regulations.
  • Consultant must have delivered similar services during the past 10 years.
  • Experience with modern Security Operations Center (SOC) monitoring, detecting, analyzing, and responding to cyber threats.
  • Experience with conducting cyber forensics.
  • Experience with major Cyber Incident handling.
  • Experience with preparing and guiding organizations to achieve and sustain compliance with PCI DSS.
  • Experience with vulnerability scanning, penetration testing, etc. using commercial products.
  • Experience with risk-based prioritization of security vulnerabilities and providing actionable remediation guidance.
  • Experience with cloud-based and on-premise Security Information and Event Management (SIEM) tools including administering the tools, reviewing alerts, and providing actionable steps.
  • Experience with Security Orchestration, Automation, and Response (SOAR) platform.

Minimum Requirements

  • 15+ years’ experience supporting very large companies with skills performing above listed technical security activities.
  • Two of the certifications below:
    • Certified Information Systems Security Professional (CISSP)
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
    • GIAC Security Professional (GSEC)
    • Certified Data Privacy Solutions Engineer (CDPSE)
    • Cyber Security Nexus (CSX)

Seniority level

  • Senior

Employment type

  • Full-time

Job function

  • Information Technology

Location and salary ranges may vary by posting. Refer to the job listing for specific details.

#J-18808-Ljbffr