IT Security Engineer Jobs in Mountain View, CA at ChemoCentryx
Title: IT Security Engineer
Location: Mountain View, CA
Salary: $80K – $100K*
Category: Pharmaceuticals & Biotech
Manage the security profile of the organization to ensure the desired risk posture is maintained
Develop methods and procedures that ensure quality in the areas of security and risk management
Establish clear processes for team management and communication
Execute on team decisions regarding team goals and objectives to delivery
Lead process improvement initiatives and optimize team efficiency, quality, and performance
Collaborate with teams to deliver on commitments to the organization
Essential Duties and Responsibilities
Plan and execute projects in accordance with the goals set for the security posture of the organization
Facilitate alignment with key stakeholders to ensure risks are communicated and managed in a timely manner
Execute, validate, and maintain the security controls environment to be in alignment with organizational goals
Implement and maintain appropriate security and risk management practices that tie out to organizational risk tolerance and the guidelines established by the organization’s Compliance Officer
Lead process improvement initiatives to ensure the organization stays current with the threat landscape from security and risk management perspectives
Safeguards information system assets by identifying and solving potential and actual security problems.
Protects system by defining access privileges, control structures, and resources.
Recognizes problems by identifying abnormalities; reporting violations.
Determines security violations and inefficiencies by conducting periodic audits.
Upgrades system by implementing and maintaining security controls.
Assume additional responsibilities and leadership roles that are commensurate with experience and expertise
BSc/BA in Computer Science, Information Systems, Engineering or relevant field
Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others).
2+ years of experience in developing security standards and implementing technical controls to meet standards and regulatory requirements.
Strong enterprise application and database fundamentals
Must have deep and thorough understanding of monitoring best practices, preferably with Microsoft System Center Operation Manager (SCOM)
Thorough understanding of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)
4+ years of experience in identification of risk and compliance. Broad security knowledge across common industry security standards (e.g., ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others).
Expertise across a variety of security products including firewalls, URL filtering, information security and virus protection
The commercial acumen to provide cost-effective security solutions
An enthusiasm for staying up to date with the very latest updates about security threats and solutions
Strong time management and organizational skills
Outstanding verbal and written communication skills, and the ability to effectively interact with all levels of the company, including internal partners, external providers, and functional areas
Ability to summarize complex security information into simple concepts for broad communication to management teams, and for status reports
Excellent interpersonal skills and the ability to develop…