IT Security Engineer

San Diego, CA, United States

Gunderson Dettmer  is the only business law firm of its kind - exclusively serving the global venture capital and emerging technology marketplace. With 400 attorneys in eleven offices - from Silicon Valley to Singapore - we innovate for innovators, accelerate entrepreneurship, and help build companies at every stage of the growth lifecycle. We are committed to being the employer of choice by working together to create an environment, in which each of our people can grow, take initiative, and develop a fun, fulfilling and financially rewarding career.

In addition to offering competitive salaries, we also offer an excellent benefit package, which includes full medical, dental and vision coverage; 401(k) Profit Sharing Plan; Flexible Spending Account and Paid Time Off.

Job Description

Gunderson Dettmer has an opening for a full-time IT Security Engineer . We leverage the latest security products and services and correlate multiple telemetry points to furnish a continuous picture of our security readiness. The person filling this role will understand and integrate layers of (sometimes overlapping) technology against the widest array of possible attack vectors. We are looking for a person with utmost dedication to the discipline of information security and the ability to communicate thoughtfully and concisely about data loss prevention, network and application security, threat vectors, remediation and reporting.

This position reports directly to the Director of Enterprise Infrastructure and will work in collaboration with the Office of General Counsel, and Information Governance team to drive security analysis, threat detection and prevention, and vulnerability remediation for the Firm.

Job Responsibilities

Plan, develop, implement and update company’s information security strategy, to include thorough documentation of the cybersecurity architecture.

Design, develop, execute and track the performance of security measures (hardware, software, systems) to protect information and network infrastructure and computer systems.

Identify, define and document emerging system security weaknesses and threats and recommend solutions to management.

Configure, troubleshoot and maintain security infrastructure software and hardware.

Research, assess and recommend security products that monitor systems and networks for security breaches and intrusions.

Monitor systems daily for security events and alerts through both organic and SIEM-generated log analysis, and provide operational support to the greater information security team.

Perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the information security engineer to develop alerting and detection strategies to look into any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics.

Assist the Office of General Counsel in the creation and maintenance of SOC or ISO security certifications.

Assist the Office of General Counsel to educate and train staff on information system security best practices.

Be responsible for evidence collection, documentation, communications, and reporting for all forensic activities including incident response and investigations.

Maintain current knowledge and understanding of the threat landscape and emerging security threats.

Gunderson Dettmer  is the only business law firm of its kind - exclusively serving the global venture capital and emerging technology marketplace. With 400 attorneys in eleven offices - from Silicon Valley to Singapore - we innovate for innovators, accelerate entrepreneurship, and help build companies at every stage of the growth lifecycle. We are committed to being the employer of choice by working together to create an environment, in which each of our people can grow, take initiative, and develop a fun, fulfilling and financially rewarding career.

Benefits

In addition to offering competitive salaries, we also offer an excellent benefit package, which includes full medical, dental and vision coverage; 401(k) Profit Sharing Plan; Flexible Spending Account and Paid Time Off.

Job Description

Gunderson Dettmer has an opening for a full-time IT Security Engineer . We leverage the latest security products and services and correlate multiple telemetry points to furnish a continuous picture of our security readiness. The person filling this role will understand and integrate layers of (sometimes overlapping) technology against the widest array of possible attack vectors. We are looking for a person with utmost dedication to the discipline of information security and the ability to communicate thoughtfully and concisely about data loss prevention, network and application security, threat vectors, remediation and reporting.

This position reports directly to the Director of Enterprise Infrastructure and will work in collaboration with the Office of General Counsel, and Information Governance team to drive security analysis, threat detection and prevention, and vulnerability remediation for the Firm.

Job Responsibilities

Plan, develop, implement and update company’s information security strategy, to include thorough documentation of the cybersecurity architecture.

Design, develop, execute and track the performance of security measures (hardware, software, systems) to protect information and network infrastructure and computer systems.

Identify, define and document emerging system security weaknesses and threats and recommend solutions to management.

Configure, troubleshoot and maintain security infrastructure software and hardware.

Research, assess and recommend security products that monitor systems and networks for security breaches and intrusions.

Monitor systems daily for security events and alerts through both organic and SIEM-generated log analysis, and provide operational support to the greater information security team.

Perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the information security engineer to develop alerting and detection strategies to look into any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics.

Assist the Office of General Counsel in the creation and maintenance of SOC or ISO security certifications.

Assist the Office of General Counsel to educate and train staff on information system security best practices.

Be responsible for evidence collection, documentation, communications, and reporting for all forensic activities including incident response and investigations.

Maintain current knowledge and understanding of the threat landscape and emerging security threats.

Required Knowledge, Experience, Skills, and Abilities

The candidate who will best fill this role will come to us having traversed any number of paths. We want the candidate to join us because they see an organization deeply committed to information security, both in terms of emphasis and resources. The successful candidate will impress us in many ways, including with:  Proficiency in secure network architectures, encryption technologies and standards, application security, virtualization technologies and web-based protocols.

Working knowledge in identity and access management principles, networking routing techniques, social engineering, Advanced Persistent Threat (APT) and gateway anti-malware. Security Engineers must be able to work long hours and collaborate within a team.

A fundamental knowledge of all aspects of a professional service firm’s computing and communications systems with an eye for how they can be breached and ways we can protect them.

Strong interpersonal skills that establish and sustain close working relationships with functional teams and subject matter experts as well as IT technical, development, and support personnel.

Understanding and respect for confidentiality and privacy, with strong ethics and compliance aptitude.

Exceptional oral and written communication skills and expertise with policy writing, crafting educational and impactful emails and other materials. Ability to translate complex technical jargon into understandable and actionable messages.

Minimum Qualifications Candidate must have a degree in Computer Science, Information Systems or related field or equivalent relevant experience.

Familiarity with information security standards, including ISO 27001, 27002, CIS Benchmark Controls, NIST and others.

Demonstrated ability to gain skills, knowledge and certifications as needed.

Any of the following certifications are helpful in the role: CCNP (Security)

Certified Information Systems Security Professional (CISSP),

Certified Internal Systems Auditor (CISA), or

Certified Ethical Hacker (CEH).

Status Full Time, Exempt.

Hybrid Work Schedule Authorized

The expected starting salary for this position is $120,000 - $180,000 annually, dependent upon qualifications, experience and location.  Gunderson Dettmer is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

By applying to this job you acknowledge that you have read the California Consumer Privacy Act Applicant Notice

View HERE

#J-18808-Ljbffr