Job Title: Senior Security Engineer
Location: Onsite (Irvine) / Remote
Long term contract
About the Role
We are seeking a highly experienced Senior Security Engineer with a strong background in securing enterprise IT and OT environments. The ideal candidate will have hands-on expertise across Application Security, Vulnerability Management, SOC Operations, Cloud Security, Endpoint Protection, and Identity & Access Management.
You will play a key role in enhancing the organization's security posture through risk-based vulnerability remediation, automation, threat hunting, incident response, and compliance with global standards. This is a hands-on technical role requiring deep knowledge of SIEM/SOAR platforms, EDR tools, cloud-native security, and secure development practices.
Key Responsibilities
- Lead vulnerability management programs using tools like Qualys VMDR, Rapid7 InsightVM, Nessus, and Burp Suite. Prioritize remediation based on risk scores, business impact, and CMDB asset data.
- Manage and optimize endpoint security solutions including EDR (CrowdStrike, Carbon Black, Microsoft Defender for Endpoint), antivirus, and host-based firewalls across Windows and Linux (including RHEL) environments.
- Monitor, correlate, and investigate security events using SIEM platforms (Splunk, QRadar, Microsoft Sentinel) and integrate telemetry from cloud services (AWS CloudTrail/GuardDuty/CloudWatch, Azure Security Center (now Microsoft Defender for Cloud)/Azure Monitor, Google Cloud Logging).
- Design and implement SOAR workflows (Splunk SOAR, Cortex XSOAR, Microsoft Sentinel automation rules and playbooks) for automated incident response, threat containment, and remediation.
- Conduct threat hunting, forensic investigations, root cause analysis, and provide preventive recommendations for endpoint and cloud-related incidents.
- Administer Privileged Access Management (PAM) using CyberArk Core PAS (safes, credential rotation, session monitoring) and Identity & Access Management solutions (SailPoint IdentityIQ, Active Directory, ADFS, MFA, Conditional Access).
- Support Cloud Security posture management across AWS, Azure, and Google Cloud Platform environments, ensuring compliance with relevant frameworks.
- Perform and support Application Security activities including manual/grey-box penetration testing, static code analysis (HP Fortify, IBM AppScan, Checkmarx), secure code reviews, and OWASP Top 10 remediation.
- Ensure adherence to regulatory and industry standards including NIST CSF 2.0, ISO 27001, PCI DSS, HIPAA, SOX, and 23 NYCRR Part 500. Assist in internal/external audits and compliance reporting.
- Automate security processes using Python, PowerShell, and Bash for log parsing, vulnerability reporting, SOAR playbooks, and dashboarding.
- Create and maintain security dashboards and reports using Power BI, Tableau, and SIEM tools for stakeholders and leadership.
- Collaborate with Infrastructure, Application Development, SOC, and GRC teams to drive security initiatives, remediate findings, and improve overall security maturity.
- Contribute to continuous improvement by evaluating new security tools, tuning policies, and recommending enhancements to endpoint, cloud, and application security controls.
Required Skills & Competencies
- Endpoint Security: EDR (CrowdStrike, Carbon Black, Microsoft Defender for Endpoint), Antivirus, Host Firewalls
- Vulnerability Management: Qualys, Nessus, Rapid7 InsightVM, Burp Suite, Patch Management, CMDB integration
- SOC & IR: SIEM (Splunk, QRadar, Sentinel), SOAR (Cortex XSOAR, Splunk SOAR), Threat Hunting
- Identity & Access: CyberArk PAM, SailPoint, Active Directory, ADFS, MFA, Zero Trust principles
- Cloud Security: AWS (GuardDuty, CloudTrail, Config, Security Hub), Azure Security Center (now Microsoft Defender for Cloud), Google Cloud Logging
- Application Security: Penetration Testing, OWASP Top 10, Static Code Analysis (Fortify, Checkmarx, AppScan), Secure SDLC
- Automation & Scripting: Python, PowerShell, Bash
- Compliance: NIST, ISO 27001, PCI DSS, HIPAA, SOX
- Strong analytical, documentation, and cross-functional collaboration skills
Preferred Certifications
- CISSP (ISC)²
- CCSP (ISC)²
- CISM
- CompTIA Security+
- Cloud Security certifications (AWS/Azure/Google Cloud Platform Security)
- Any relevant Fortinet, Splunk, or CyberArk certifications
Education
Bachelor's degree in Computer Science, Cybersecurity, or a related field (B.Tech preferred)