IT Security Engineer Jobs in Mountain View, CA at ChemoCentryx

Title: IT Security Engineer

Company: ChemoCentryx

Location: Mountain View, CA

Salary: $80K – $100K*

Category: Pharmaceuticals & Biotech

Job Description

Position Overview

Manage the security profile of the organization to ensure the desired risk posture is maintained

Develop methods and procedures that ensure quality in the areas of security and risk management

Establish clear processes for team management and communication

Execute on team decisions regarding team goals and objectives to delivery

Lead process improvement initiatives and optimize team efficiency, quality, and performance

Collaborate with teams to deliver on commitments to the organization

Essential Duties and Responsibilities

Plan and execute projects in accordance with the goals set for the security posture of the organization

Facilitate alignment with key stakeholders to ensure risks are communicated and managed in a timely manner

Execute, validate, and maintain the security controls environment to be in alignment with organizational goals

Implement and maintain appropriate security and risk management practices that tie out to organizational risk tolerance and the guidelines established by the organization’s Compliance Officer

Lead process improvement initiatives to ensure the organization stays current with the threat landscape from security and risk management perspectives

Safeguards information system assets by identifying and solving potential and actual security problems.

Protects system by defining access privileges, control structures, and resources.

Recognizes problems by identifying abnormalities; reporting violations.

Determines security violations and inefficiencies by conducting periodic audits.

Upgrades system by implementing and maintaining security controls.

Assume additional responsibilities and leadership roles that are commensurate with experience and expertise


BSc/BA in Computer Science, Information Systems, Engineering or relevant field

Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others).

2+ years of experience in developing security standards and implementing technical controls to meet standards and regulatory requirements.

Strong enterprise application and database fundamentals

Must have deep and thorough understanding of monitoring best practices, preferably with Microsoft System Center Operation Manager (SCOM)

Thorough understanding of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)

4+ years of experience in identification of risk and compliance. Broad security knowledge across common industry security standards (e.g., ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others).

Expertise across a variety of security products including firewalls, URL filtering, information security and virus protection

The commercial acumen to provide cost-effective security solutions

An enthusiasm for staying up to date with the very latest updates about security threats and solutions

Strong time management and organizational skills

Outstanding verbal and written communication skills, and the ability to effectively interact with all levels of the company, including internal partners, external providers, and functional areas

Ability to summarize complex security information into simple concepts for broad communication to management teams, and for status reports

Excellent interpersonal skills and the ability to develop…


About ChemoCentryx