Job Openings

This section contains current job openings and other helpful resources on career advancement for SV-ISSA members and other Bay Area security professionalis.

To post new security job openings and other career centric information in this area please send the title, a short description, and the URL for the detailed description to the chapter webmaster at webmaster@sv-issa.org.

 

Senior Security Operations Engineer (SecOps) at Elementum, Mountain View

Who is Elementum™?

Elementum helps companies get their products to market faster and more efficiently. Whether it’s a cup of coffee, the latest smartwatch, or life-saving medicine—we're accelerating the $25T product economy. How? With a suite of real-time supply chain apps that are giving traditional enterprise software companies an identity crisis. And here's the most exciting part: we're building out the world’s Product Graph™, a digital mapping of the global product economy—bigger than Facebook’s Social and LinkedIn’s Jobs Graphs COMBINED.

Reporting to the Head of Security, the principal duties and responsibilities of the Security Operations Engineer include but are not limited to:

  • Solid understanding of a variety of types of security technologies including but not limited to IPS/IDS, WAF, Firewalls, Proxies, Wireshark, FIM, etc.
  • Develop and maintain enterprise-caliber documentation
  • Maintain knowledge of information security policies and goals
  • Keep current on the current IT threat landscape and upcoming trends in security
  • Participates in on call rotation for 24x7 support of security operations
  • Monitor Security Alerts, Tools
  • Gather and Maintain Evidence for Security and Compliance
  • Assist in development of system hardening and configuration standards
  • Penetration Testing and Vulnerability Management remediation
  • Other duties as assigned

Qualifications:

  • Assess, design, implement, automate, and document security processes and solutions leveraging Amazon Web Service (AWS) and other third-parties
  • Design architecture, methods, and controls required to meet security, compliance, and audit requirements
  • Proactively stay current with developments in relevant technologies
  • Create and share unique ways to solve challenges with others
  • Deploy security solutions in cloud environments
  • In-depth knowledge of VPCs, Security Groups, and ACLs
  • Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity
  • Must have experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
  • Develop procedures to automate security tasks during code builds and deployments
  • Develop program quality metrics as both program performance indicators and enterprise risk indicators
  • Respond to and, when appropriate, resolve or escalate security incidents
  • Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
  • Assist and train team members in the use of cloud security tools and the resolution of security issues
  • Develop and maintain documentation for security systems and procedures
  • Collaborate with the Ops team to build infrastructure and servers on AWS
  • Mentor Cloud Engineers

Requirements:

  • Minimum 2 years of experience as a Cloud Security Engineer
  • Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others
  • Knowledge of network based, system level, and application layer attacks and mitigation methods
  • Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27001, ISO 27017
  • Experience in DevOps environments and maintaining security in CI/CD processes
  • Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management, etc
  • Knowledge of AWS automation strategies and tools
  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
  • Ability to clearly and effectively communicate concerns, issues to other teams
  • Experience in developing, documenting, and maintaining security procedures
  • Proficient in AWS CLI, Bash, and Python
  • Bachelor's degree required, or equivalent industry experience (5+ years)
  • 3+ years in security engineering
  • Firewall rule and policy administration knowledge
  • Excellent verbal and written communication skills
  • Good independent problem solving and troubleshooting experience
  • Ability to manage parallel tasks and accurately document resolutions
  • Well versed in various logging infrastructure and methodologies such as Syslog, etc.
  • Understanding of Scripting (e.g., Perl, Python, shell scripting)
  • Knowledge of cloud security a big plus

Additional Desired Traits

  • Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience
  • Any recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK
  • Knowledge of BC & DRP programs including risk assessment, BIA, remediation, and staging exercises
  • Working proficiency with work tracking systems such as JIRA and project management solutions
  • Understanding of FEDRAMP, SSAE16 SOC 2, PCI DSS

Competitive Benefits:

  • Medical, Dental, and Vision are 100% covered by Elementum for employees
  • 401k matching
  • Free, daily catered lunches
  • Commuter benefits: CalTrain GoPass & WageWorks
  • Company outings
  • Casual dress code
  • Open vacation policy
  • Pets at work!
  • Engage with (and give high-fives to) senior management regularly
  • Get in on the ground floor of a huge opportunity

 

Apply at http://grnh.se/gpjnkb1

Security Engineer – Identity and Access Management (IAM) at Elementum, Mountain View

Who is Elementum™?

Elementum helps companies get their products to market faster and more efficiently. Whether it’s a cup of coffee, the latest smartwatch, or life-saving medicine—we're accelerating the $25T product economy. How? With a suite of real-time supply chain apps that are giving traditional enterprise software companies an identity crisis. And here's the most exciting part: we're building out the world’s Product Graph™, a digital mapping of the global product economy—bigger than Facebook’s Social and LinkedIn’s Jobs Graphs COMBINED.

The Security Engineer for the Identity and Access Management (IAM) program will serve as a functional subject matter expert and customer liaison for the assigned application modules.  The role is responsible to provide Elementum's Customers overall guidance on Identity Access Management (IAM) and Identity Management (IdM) with respect to the best practice to integrate with Elementum Applications (SaaS) and develop Elementum’s Internal Role-based Access Control implementation.

Main Responsibilities Includes:

  • Provide overall direction and oversight into the IAM functions across the organization, including areas such as Federation, Privileged Access Management, Authentication & Authorization, Security and Provisioning Identity Data
  • Works closely with the project managers, Security and Compliance personnel, application developers and other administrators in creating functional, scalable and secure applications from design and development through implementation for business clients
  • Knowledge of Directory Services such as LDAP, OpenLDAP, Active Directory
  • Knowledge in Federation, SAML, OpenID Connect, OAuth, JWT, SCIM and other industry standard authentication/authorization solutions.
  • Administer IAM solution for Elementum

Minimum Education and Experience:

  • Bachelor’s degree in Computer Science or related field
  • Experience may substitute for minimum education requirements
  • 3 years or more years of progressive experience with IAM

Preferred Experience:

  • Experience in design, implementation, configuration, troubleshooting and tuning Identity Access Management (IAM) products like CA Single Sign-On (Siteminder), Microsoft Identity Manager, Okta, etc.
  • Experience in one or more of the following areas: Single Sign On, Identity Federation, Resource Provisioning, Physical Access Control Systems (PACS), Logical Access Control systems and Enterprise Directory Architecture and Design including directory schema, namespace and replication topology experience.
  • Experience with SAML V2, reverse proxies, directory synchronization, role based authorization, identity reconciliation, levels of assurance, LDAP and Identity and Access Governance concepts.
  • Ability to capture business requirements and define functional specifications
  • Ability to perform requirements fit/gap analysis
  • Demonstrated proficiency in application life cycle (analysis to implementation to support)
  • Demonstrated proficiency in software test planning and execution
  • Knowledge and proficiency in troubleshooting application problems/issues (from a functional perspective)
  • Ability to work with customers and vendors to analyze problems, determine appropriate courses of action, and identify root causes and resolutions.
  • Ability to guide/train application users in the use of application features, functions and best practices

Technical Skills:

  • Ability to adapt to changing working conditions and work assignments, to be open, and motivated to learn and adapt new ideas and concepts, and to work independently or as part of the team to work on multiple tasks.
  • Ability to multi-task and provide deliverables within fixed timelines and under pressure, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • Demonstrated experience with fundamentals, principles, and processes related to change control for information systems.
  • Knowledge of testing fundamentals, the creation of test plans, and processes to ensure the identification, tracking, and remediation of bugs, errors, and defects.
  • Experience supporting software and hardware for business use, analyzing problems and assisting customers with issue resolution, and exercising best practices to monitor and conduct preventive and routine maintenance on business systems.
  • Demonstrated understanding of information system security fundamentals and principals, including security protocols, encryption and access management to ensure adherence to regulatory/compliance requirements.
  • Ability to synthesize complex information into an easy to understand manner.

Competitive Benefits:

  • Medical, Dental, and Vision are 100% covered by Elementum for employees
  • 401k matching
  • Free, daily catered lunches
  • Commuter benefits: CalTrain GoPass & WageWorks
  • Company outings
  • Casual dress code
  • Open vacation policy
  • Pets at work!
  • Engage with (and give high-fives to) senior management regularly
  • Get in on the ground floor of a huge opportunity

Apply at http://grnh.se/0vkqd41

CISSP Training Opportunity

Currently looking for a CISSP (certified information systems security professional) certified professional to deliver a CISSP training course in San Francisco on 17th-21st July. 

In order to deliver I require you to have a valid CISSP certificate as well as previous training experience. 

The Knowledge Academy provide all the course material required to deliver this. If you could please let me know if this is something you would be able and willing to do I would be keen to provide you with more details. 

I look forward to hearing back from you,

Madeline Roberts-Hunt
Global Training Provider
https://www.linkedin.com/in/madeline-roberts-hunt-154937100/