Senior Information Security Engineer

Vast is looking for an Information Security Engineer, reporting to the Information Security Manager, to assist in the deployment and maintenance of the organization's growing cybersecurity infrastructure. Information Security Engineer supports the enforcement of security policies and procedures, ensuring compliance with pertinent regulations and security standards (i.e. NIST SP 800-171 Rev 2). 

This will be a full-time, exempt position located in our Long Beach location.

Responsibilities: 

• Research, select/build, and implement tools to improve our security posture
• Evaluate and recommend security technologies, tools, and best practices
• Implement/maintain solutions and configurations to achieve compliance with government regulations like NIST 800-171, CMMC 2.0, and ITAR/EAR
• Work cross-functionally with other teams to ensure the security of the systems they use or build
• Automate our security infrastructure to the maximum extent possible
• Assess our information systems attack surface to identify and remediate gaps and weaknesses
• Lead and improve our incident response program
• Monitor security systems, networks, and applications for suspicious activities

Minimum Qualifications:

• 2+ years of hands-on experience 
• Experience securing Windows, MacOS, and Linux endpoints
• Proficiency in configuring, deploying, and maintaining security tools such as SIEM, IDS/IPS, antivirus, and vulnerability scanning
• Proficient understanding of cloud technologies such as AWS, Google, and Azure
• Proficient in using automation scripts (i.e. Powershell, Bash, Python)
• Knowledge of network protocols, firewalls, and intrusion detection/prevention systems

Preferred Skills & Experience:

• Technical certifications such as OSCP, eCPPT, or platform specific certifications
• Familiarity with Kali Linux
• Understanding of cyber deception
• Experience conducting social engineering campaigns
• Experience supporting audits and assessments
• Understanding of compliance requirements and certifications like NIST 800-171, CMMC 2.0, DFARS 252.204-7012, ITAR/EAR 
• Familiarity with security SaaS solutions and relevant integrations
• Prior experience working in a fast-paced startup environment

Additional Requirements:

• Ability to travel up to 10% of the time
• Willingness to work evenings and/or weekends to support critical mission milestones

Pay Range:

• Information Security Engineer II: $130,000 - $165,000
• Senior Information Security Engineer: $140,000 - $185,000