Principal Security Engineer

Posted:
11/19/2024, 3:40:40 AM

Location(s):
California, United States ⋅ District of Columbia, United States ⋅ Santa Ana, California, United States ⋅ Washington, District of Columbia, United States ⋅ Nevada, United States ⋅ Arizona, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Remote

Who We Are

Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We Do

The Security Engineer is responsible for providing operational security solutions that would enable the success of IT and business initiatives. Security Engineer interfaces with IT Groups across the company, client managers, business customers, third-parties, vendors, and auditors. The Security Engineer co-designs (along with Security Architect) and operationalizes security solutions that can be effectively delegated to Security Analysts or other support/operations functions. The scope of Security Engineers extends across technical and administrative controls that enable the protection and availability of business and IT systems. The Security Architect is responsible for defining the organizations information security architecture and standards and creating prioritized risk based upon technical security control roadmap. The Security architect will coordinate technical design/review activities and develop secure architectural frameworks, operational guidelines and metrics to support a secure computing environment consistent with the organizations Information security policies, standard and overall strategy security risks for the company.

What You'll Do

  • Leads technical direction in designing and implementing security solutions for corporate technical infrastructure and business applications.
  • Participates in all phases of project planning in security service support, including functional requirements, design specifications, testing and quality assurance, implementation and support.
  • Leads technical engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement.
  • Investigates, recommends, evaluates, deploys and integrates security tools and techniques to improve our ability to protect corporate assets and infrastructure.
  • Participates in technical risk assessments and security exposure analyses of systems, networks and business applications.
  • Evaluates and implements security devices such as firewalls, IDS, IPS, threat correlation tools, vulnerability management tools, encryption capabilities, etc.
  • Analyzes network elements and designs to ensure secure and optimal system and network performance and cost effectiveness.
  • Oversees the purchase, installation, and support of security devices.
  • Responsible for assessing and managing information security risks to pre-existing current systems.
  • Assists in the planning of large scale systems projects through vendor comparison and cost studies.
  • Monitors, reports and resolves all security related problems and discrepancies.
  • Participates as a member of the Information Security Incident Response Team.
  • Interacts with internal and external clients on security requirements, identifies security process and develops strategies/solutions to security issues while maintaining tight security discipline.
  • Develops test plan and implements rigorous testing prior to rollout of new systems into the production environment.
  • Leads Cyber Security incident investigations
  • Required to perform duties outside of normal work hours based on business needs.

What You'll Bring

  • Generally requires a BS Degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering, or equivalent work experience.
  • Must have minimum 7 years information security experience.
  • Must have 5+ years hands on experience with networking, intrusion detection, VPN, PKI, Next-Generation firewalls, NAC; Identity management and encryption technologies.
  • Uses skills as a seasoned, experienced professional with a full understanding of industry practices and established policies and procedures.
  • Troubleshoots and guides others on a wide variety of complex problems and identifies solutions within broad application and functional expertise.
  • May set objectives for project goals and other team members and monitors progress to achieve goals. 
  • Devises or modifies department processes and procedures.
  • Negotiates, persuades and gains consensus from cross functional team(s).
  • Errors may cause system/application outages that affect a large number of users or possibly multiple applications.
  • Experience in implementing Information Security technologies and/or processes required.
  • Experience in product evaluation and managing vendor relationships required.
  • Experience in defining Information Security strategy and integrating security technologies into corporate frameworks.
  • Must have hands on working knowledge of UNIX/AIX, Microsoft NT/2000, firewall multi-layer design and implementation, router access list/packet filtering (CISCO), WANs, LANs, the Internet, Intranets, network protocols and network services (i.e., telnet, ftp, etc.), Intrusion detection systems, Virtual Private Network (VPN), two factor authentication.
  • No formal responsibility for the supervision of others but may provide functional advice or training to less experienced team members
  • May instruct, direct, and assign work to other team members, monitoring project status.
  • Uses expertise of other team members and leverages a wide range of additional resources to explore/implement complex customized applications as a solution.
  • May act as a team leader for projects with moderate budgets or of a short to intermediate duration.
  • Experience in implementing Information Security technologies and/or processes required.
  • Experience in product evaluation and managing vendor relationships required.
  • Experience in defining Information Security strategy and integrating security technologies into corporate frameworks.
  • Must have hands on working knowledge of UNIX/AIX, Microsoft NT/2000, firewall multi-layer design and implementation, router access list/packet filtering (CISCO), WANs, LANs, the Internet, Intranets, network protocols and network services (i.e., telnet, ftp, etc.), Intrusion detection systems, Virtual Private Network (VPN), two factor authentication.
  • CISSP, GIAC, CCNA, CCNP preferred


Salary Range: $166,750.00-$222,325.00

This hiring range is a reasonable estimate of the base pay range for this position at the time of posting.  Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location

Disclaimer
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal work hours and/or responsibilities from time to time, as needed.

What We Offer

By choice, we don’t simply accept individuality – we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it’s the right thing to do, but also because it’s the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.

First American

Website: https://www.firstam.com/

Headquarter Location: Santa Ana, California, United States

Employee Count: 10001+

Year Founded: 1889

IPO Status: Public

Industries: Financial Services ⋅ Insurance ⋅ Property Insurance ⋅ Real Estate ⋅ Real Estate Investment