Position Overview:
The Enterprise Security Engineer will work closely with internal technology teams, business stakeholders, and cybersecurity staff to develop and uphold enterprise-wide security controls. This role is instrumental in advancing the organization's security capabilities and defending systems and data against emerging threats.
Key Responsibilities:
Partner with various departments to drive security initiatives and improve overall cybersecurity posture.
Implement and oversee security protocols designed to reduce vulnerability to cyber threats.
Act as a key security advisor, identifying gaps and recommending remediation strategies.
Guide continuous enhancement of technical safeguards and promote secure best practices throughout the enterprise.
Monitor evolving risks, develop strategic responses, and lead the deployment of comprehensive protection measures.
Assist in performing internal and external audits and ensure identified risks are addressed.
Evaluate, test, and select security tools based on performance, cost, and vendor support.
Translate complex technical risks into clear, actionable insights for business and technical stakeholders.
Participate in regulatory compliance efforts including SOX, PCI, and related standards.
Team Environment:
This role operates within a broader IT team that includes application development, support, engineering, and business analysis. The group manages global technology platforms and ensures seamless operations across multiple international locations. The Information Security sub-team leads the organization's cyber risk strategy, developing policies and controls to protect data, applications, and infrastructure.
Required Qualifications:
Bachelor's degree in Computer Science, Information Systems, or a related field; or equivalent education and hands-on experience.
Thorough knowledge of foundational security domains such as risk management, identity and access controls, network defense, and endpoint protection.
Experience with cloud infrastructure security (AWS, Azure, or GCP).
Strong written and verbal communication skills.
Collaborative mindset with the ability to contribute across cross-functional teams.
Strong analytical skills and a proactive approach to solving technical problems.
Ability to manage multiple projects and meet deadlines in a dynamic environment.
Preferred Experience and Skills:
Hands-on experience designing and supporting secure IT infrastructures.
Proficiency in scripting languages like Python, Ruby, or PowerShell.
Management of large-scale Endpoint Detection and Response (EDR) or Managed Detection and Response (MDR) systems.
Experience overseeing complex IT environments, including cloud services, on-premises infrastructure, and SaaS ecosystems.
Background in incident response and CSIRT operations.
Certifications in cloud or security technologies (e.g., AWS Security Specialty, Azure Security Engineer Associate, CISSP, CISM, CISA, GSEC).
All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. For unincorporated Los Angeles county, to the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.