Date Posted: 1/15/2021Apply Now
Our client is investing in bright, agile and diverse new talent to ensure we continue to innovate and strengthen relationships with our policyholders. That's why we're actively seeking an Information Security Engineer to join our team and take part in our people-first culture.
As a Information Security Engineer, you will play a key role in Pacific Life's growth and long-term success by supporting the RSD Division Information Security Team, with a focus on Cloud Security, DevOps, CI/CD, Vulnerabilities Management, Application Security. While reporting to the RSD Information Security Practice Team Manager, you will be responsible for the security of on-premise and cloud based Applications, Infrastructure, Data and other IT assets.
Work with divisional Applications Teams and various enterprise IT teams to ensure projects and initiatives meet or exceed company information security standards.
Partner with Enterprise Information Security team to support information security requirements and best practices at division level.
Support Enterprise Vulnerability Management Program including vulnerability scans, remediation and monthly KRIs.
Partner with Enterprise Security and AppDev teams to help conduct static and dynamic code checks, penetration tests, security assessments, application security testing, and configuration management of applications and IT assets.
Respond in timely manner to security alerts, development of service processes and procedures, and administration/operation of security tooling.
Factors for Success
5-8 years of experience in Information Security.
Strong technical skills experience Linux and Windows operating systems.
Scripting experience in Python and Powershell.
Hands-on Experience with Terraform/CloudFormation.
Experience with DevOps and CI/CD pipelines security.
SAST/DAST static and dynamic code check.
Securing VPCs, VPC Peering, VPC Endpoints, TGW, Private Link, Direct Connect and other native AWS services.
Experience with Containers, Containers Security, Serverless Computing/Microservices/APIs security is a plus.
Knowledge of CIS, NIST frameworks and OWASP Top 10.
Experience with Cloud Compliance, SEIM, API Gateway, Code Repository, Azure Cloud Platform is nice to have.
Good understanding of Ansible/Chef configuration management. Experience with Cloud Compliance, SEIM, API Gateway, Code Repository, Azure Cloud Platform is a plus.
AWS Security, AWS DevOps certification
Demonstratable experience writing clear and legible process documentation and Strong communication skills.
TECHNICAL SKILLS (Must Have)
AWS Cloud Security
Dynamic code testing
Static Application Security Testing
Nice To Have:
Serverless Computing/Microservices/APIs security
We are an equal opportunity employer and make hiring decisions based on merit. Recruitment, hiring, training, and job assignments are made without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, or any other protected classification. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.
To apply please email your resume to email@example.com
Thank you for applying to the AWS Security Engineer (REMOTE) position. Your job application has been routed to the appropriate branch for consideration. Please make note of your Password, as you will need this if you are selected to move forward in the process. Your email address will most likely serve as your username.