Job Title: InfoSecurity Engineer- Onsite
Location: Gleandale, CA
Duration: 6 months contract to Hire
Key Responsibilities:
• Develop, implement, and maintain information security policies, standards, and procedures aligned with industry best practices and regulatory requirements.
• Monitor and analyze network and system activity using SIEM and related tools to identify security threats.
• Oversee compliance with internal policies and external regulations (e.g., GDPR, CCPA, ISO 27001), including conducting audits, assessments, and management reporting.
• Identify, assess, and mitigate risks through risk assessments and vulnerability analyses, coordinating remediation with technical teams.
• Serve as the first point of contact for security incidents, leading investigation, containment, remediation, documentation, and post-incident reviews.
• Implement, maintain, and improve cybersecurity controls, including endpoint protection, DLP, and vulnerability management systems.
• Support internal and external audits by maintaining compliance documentation.
• Develop and deliver security awareness training and promote a strong security culture across the organization.
• Collaborate with IT, legal, HR, and cross-functional teams to ensure consistent security controls and secure system implementations.
• Prepare regular reports for senior management on security posture, compliance metrics, and incident trends.
• Stay current on emerging threats, attack techniques, and regulatory changes to proactively reduce risk.
Required Skills & Experience
• 3+ years in Security Engineering, ProdSec, or DevOps roles
• Strong knowledge of cybersecurity principles, threat detection, and incident response
• Hands-on experience with risk assessment, vulnerability management, and remediation
• Ability to develop, implement, and enforce security policies and standards
• Experience monitoring systems and networks using SIEM and security tools
• Proficiency in Python and/or Bash for security automation
• Experience securing Linux and/or Windows systems
• Familiarity with CI/CD pipelines and infrastructure-as-code (e.g., Terraform)
• Working knowledge of compliance and security frameworks (ISO 27001, NIST, GDPR, etc.)
• Ability to collaborate across engineering, IT, legal, and compliance teams
• Familiarity with anti-tamper strategies and reverse-engineering tools.
• Comfortable owning large initiatives end-to-end with minimal oversight.
• Hands-on experience with security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection solutions
