At ITS, we see Information technology as a core enabler in delivering complex third-party logistics services at scale. ITS continues to invest in transforming its applications and infrastructure to support business growth and set us apart in the marketplace. An increasing percentage of ITS IT spending is now allocated to innovation and transformation initiatives with the goal of rapidly leveraging the following significant technology shifts to maximize business gain:

• Leverage the public cloud to deliver an elastic infrastructure for increased business agility, scalability, and resiliency.
• Use of the latest data analytics platform for informed decision-making, driving business outcomes, and uncovering new opportunities with data-driven insights.
• AI and automation to improve efficiency and speed up business processes and results.
• Digital apps to reinvent the workplace to boost employee productivity, agility, and digital dexterity through an engaging and intuitive work environment (employee experience).
• Participate in building a world-class Information Security Team.  Roles will modify over time.

Role Responsibilities

• This is a hands-on, highly technical position within a fast-paced environment, reporting to the Director of Information Security at our technology center of excellence in Walnut Creek, CA.
• Provide best-in-class enterprise subject-matter expertise across all Cybersecurity, Identity and Access Management, and Zero Trust Principles for on-premises Infrastructure and Azure Cloud.
• Responsible for the engineering, implementation, and operational steady state administration of a variety of security platforms such as SEIM, Endpoint Protection, Firewalls, WAFs, SAAS, Azure, and more.
• Responsible for maintaining operational excellence status on cybersecurity services related to administration, availability, diagrams, documentation, updates, policy management, etc., for both on-premises and Azure.
• Provide full support to the Vulnerability Management program, including management and maintenance of scanning solutions and remediation coordination with IT teams.
• Create and improve threat detection rules within the SIEM platform.
• Investigate and analyze security alerts to determine scope, urgency, impact, and remediation.
• Manage cyber security incidents and conduct triage/forensic analyses and root cause analyses of cyber-attacks.
• Continually improve internal scanning, detection, and reporting of security risks and anomalous activity.
• Provide input for Key Performance Indicators (KPIs) and Metrics reporting.
• Identify opportunities to automate or streamline current processes.
• Participate in tabletop exercises.

Role Requirements

• Bachelor’s degree with advanced security certifications such as CISSP, Certified Cloud Security Professional (CCSP), SANS GIAC, Offensive Security, Azure Certified Security Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100), Etc.
• Six years of experience in Information/Cyber Security.
• Expertise in Identity and Access Management, on-premises Infrastructure Security, and Azure Cloud Security and Best Practices.
• Expertise in Vulnerability Management and Incident Detection and Response.
• In-depth understanding of networking and network security and common enterprise communication technologies.
• In-depth knowledge of hardening Windows and Linux Operating Systems.
• In-depth knowledge of MITRE ATT&CK, CIS and NIST CSF Frameworks.

Bonus Skills

• In-depth experience with various cybersecurity techniques and principles, such as Security Operations Center and SIEM, forensics, threat hunting, penetration testing, and threat intelligence.
• Designing and orchestrating requirements for CI/CD pipelines in DEVSECOPS.
• Experience with threat modeling.
• Data Privacy.
• Proficiency in secure coding/scripting and automation.
• CrowdStrike, Cisco & Cisco Meraki, Rapid7 Insight Products, Veracode, CheckMarx, MS Intune, Proofpoint, Fortinet, Azure & Azure Sentinel, Microsoft Defender, Knowbe4