Information Security Engineer

Company: machindustries.com
Location: Huntington Beach
Posted on: November 12, 2024

Job Description:

Mach is a defense manufacturing company that builds munitions to help the United States win future wars. Backed by $85M in funding from top venture firms, our small lean team ideates, designs, manufactures, and sells cutting-edge weapons to the Department of Defense.Role Summary:We are seeking a skilled Information Security Engineer to join our team, responsible for protecting our organization's information systems and data. The primary objective of this role is to implement and maintain security measures that comply with industry standards, including NIST 800-171 and CMMC, while effectively managing risks associated with information security. The successful candidate will play a vital role in conducting risk assessments, responding to security incidents, and fostering a culture of security awareness within the organization.Key Responsibilities:

• Implement and maintain compliance with NIST 800-171 and CMMC frameworks, ensuring the organization meets all necessary security requirements.
• Conduct comprehensive risk assessments to identify vulnerabilities and implement effective risk mitigation strategies across the organization.
• Stay current with DoD cybersecurity policies, including the Risk Management Framework (RMF), to ensure all practices align with regulatory requirements.
• Utilize SIEM, EDR/XDR, and SOAR tools to monitor, assess, and enhance the security posture of the organization.
• Execute scanning, reconnaissance, and penetration testing to discover weaknesses in security defenses and enhancements.
• Manage and secure cloud services, including but not limited to AWS, Azure, and DISA mil, ensuring compliance with security requirements.
• Develop scripts using bash, shell, PowerShell, and other programming languages to automate security tasks and improve efficiency.
• Lead responses to security incidents, overseeing investigation, containment, eradication, and recovery processes. Conduct post-incident reviews and suggest improvements for future prevention.
• Design and conduct security training and awareness programs to educate staff on security policies and best practices, promoting a security-first culture.
• Maintain detailed documentation of security systems, policies, procedures, and incident reports. Update security documentation as necessary to reflect changes in procedures or regulations.
• Conduct detailed analysis of security events, compile data, and provide insights in written reports, correspondence, or verbal briefings to stakeholders.Minimum Qualifications:
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
  • Minimum of 5 years of experience in cyber/information security roles, with a focus on risk assessment and compliance.
  • Hands-on experience with NIST 800-171, CMMC, and the Risk Management Framework (RMF).
  • Proficiency with SIEM tools, EDR/XDR tools, SOAR tools, and cloud security tools. Familiarity with IT networking, Windows, and cloud systems.
  • Proficient in bash, shell, PowerShell, Python, and/or basic scripting on Linux and Windows platforms.
  • Strong analytical skills, attention to detail, and the ability to manage multiple projects in a fast-paced environment.Preferred Qualifications:
    • Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar credentials.
    • Experience with advanced cybersecurity frameworks and methodologies, including incident response and penetration testing.
    • Experience with securing cloud platforms and services, particularly AWS, Azure, and GCP.Ideal Candidate:
      • The ideal candidate is proactive, detail-oriented, and thrives in a dynamic, collaborative environment. They possess a strong understanding of information security principles and the ability to analyze complex security issues. A successful Information Security Engineer will have experience in conducting risk assessments and implementing security measures that are compliant with industry standards. They should be adept at using various security tools and technologies, as well as possess a solid foundation in IT networking and cloud security. Strong communication and training abilities are essential for this role, as the candidate will be responsible for fostering a culture of security awareness within the organization.
        #J-18808-Ljbffr

Keywords: machindustries.com, La Quinta , Information Security Engineer, Engineering , Huntington Beach, California