InfoSecurity Engineer

Info Security Engineer IS3 Solutions
• Glendale, CA, United States

Client is seeking an Information Security Engineer with strong hands-on security engineering and compliance experience in complex technical environments. The ideal candidate will oversee the implementation and monitoring of security policies, ensuring the organization's information assets are protected and compliant with relevant regulations and standards.

• Develop, implement, and maintain information security policies, standards, and procedures aligned with industry best practices and regulatory requirements.
• Monitor and analyze network and system activity using SIEM and related tools to identify security threats.
• Oversee compliance with internal policies and external regulations (e.g., GDPR, CCPA, ISO 27001), including conducting audits, assessments, and management reporting.
• Identify, assess, and mitigate risks through risk assessments and vulnerability analyses, coordinating remediation with technical teams.
• Serve as the first point of contact for security incidents, leading investigation, containment, remediation, documentation, and post-incident reviews.
• Implement, maintain, and improve cybersecurity controls, including endpoint protection, DLP, and vulnerability management systems.
• Support internal and external audits by maintaining compliance documentation.
• Develop and deliver security awareness training and promote a strong security culture across the organization.
• Collaborate with IT, legal, HR, and cross-functional teams to ensure consistent security controls and secure system implementations.
• Prepare regular reports for senior management on security posture, compliance metrics, and incident trends.
• Stay current on emerging threats, attack techniques, and regulatory changes to proactively reduce risk.

• 3+ years in Security Engineering, Prod Sec, or Dev Ops roles
• Strong knowledge of cybersecurity principles, threat detection, and incident response
• Hands‑on experience with risk assessment, vulnerability management, and remediation
• Ability to develop, implement, and enforce security policies and standards
• Experience monitoring systems and networks using SIEM and security tools
• Proficiency in Python and/or Bash for security automation
• Experience securing Linux and/or Windows systems
• Familiarity with CI/CD pipelines and infrastructure-as-code (e.g., Terraform)
• Working knowledge of compliance and security frameworks (ISO 27001, NIST, GDPR, etc.)
• Ability to collaborate across engineering, IT, legal, and compliance teams
• Familiarity with anti‑tamper strategies and reverse‑engineering tools.
• Comfortable owning large initiatives end‑to‑end with minimal oversight.
• Hands‑on experience with security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection solutions