Security Engineer Lead
تفاصيل الوظيفة
Leading the future in luxury electric and mobility At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility. We plan to lead in this new era of luxury electric by returning to the fundamentals of great design - where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience. Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we're providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you. We are currently seeking a Senior Security Engineer . You will serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls. Our ideal candidate exhibits a can-do attitude and approaches his or her work with vigor and determination. Candidates will be expected to demonstrate excellence in their respective fields, to possess the ability to learn quickly and to strive for perfection within a fast-paced environment. DUTIESParticipate in and coach the Security Operations & Incident Response Develops and maintains access control rules Serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls. Work closely with software and data engineers to ensure adequate security solutions are in place throughout all systems. Conduct periodic training and knowledge transfer sessions for external/internal department staff and business partners Manage and update the InfoSec risk model, and in coordination with other functional teams Serve as a trusted advisor to business functional areas and internal IT resourcesEnsure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new servicesContribute to the development and maintenance of the information security strategyPlan, design and build of enterprise scale security architectures. Monitor cyber-security requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devicesPerform technical security assessments, code audits and design reviewsAdvocate security and secure practices throughout the companyBe involved in offensive security exercisesRespond immediately to cyber security related incidents and provides a thorough post-event analysisUtilize the skills, knowledge, and competence on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment, and runtimeSecurity configuration, audit, and management of applications and databases Leads identification and proposes remediation of vulnerabilities Maintains user lists, passwords, encryption keys, and other authentication and security-related information and databases RequirementsBachelor's degree in engineering, information security or IT-related matter or equivalent experience15+ years working experience in high-level technical Security TechnologiesHands on experience in F5 Big-IP, Palo Alto, Infoblox, & CiscoUnderstanding and practical experience Network design and architecture, Cloud based services (PaaS, IaaS, SaaS), Virtualization / Containerization, Mobile security (MDM, MAM), Encryption / PKI, Database security, Application/ API security, Identity Management (IDM) Understanding of software development principles. Proficiency in several security technologies including data loss prevention, encryption, cloud access security brokers, identity and access management, micro-segmentation, multi-factor authentication, endpoint protection, SIEM and perimeter defensesExperience working across the full stack of enterprise security tools to include everything from the physical layer to the application layer Ability to lead the design of network security infrastructure and the integration of new requirements into existing architectures Experience leading compliance assessments of relevant cybersecurity frameworks Experience conducting daily Security Operations Center triage and research Applied experience with many of the following technologies/roles: Privileged Account Management, Web filtering, Web Application Firewalls, Encryption-at-rest, and encryption-in-transit, Advanced endpoint protection, Vulnerability Management Experience responding to incidents, crises, and investigations with sensitivity, tenacity, and a focus on detail required. Strong, applied knowledge of security practices and methodologies, security controls and architecture including the use of intrusion detection/prevention and other defenses. Experience implementing DoD and Federal IA Assessment and Authorization (A&A) processes, IA controls and developing and maintaining associated documentation. Experience with security features and/or vulnerability of various operating systems as defined by NIST, ISO27K & CIS. Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows, Red Hat Enterprise Linux, and CISCO Systems. Familiar with Program Protection Plan (PPP)Knowledge of applicable data privacy practices and lawsExcellent knowledge of ITSM, ITIL standards and its processesExcellent communication and training skillsFlexible work approach, based on the job requirementsStay up to speed on the latest at Lucid.Contact us to learnhow to digitalize your business
#J-18808-Ljbffr Quality Management
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.
