Sr Information Security Engineer

Agoura Hills, California

Posted in Banking
29 days ago

Job Info

The PennyMac Information Security department is looking to bring on an engineer that knows how to ensure security across a CI/CD pipeline, engineer AWS platforms, and has a passion for solving cybersecurity engineering challenges.

Job Description

  • Design, implement, and maintain security technologies across CI/CD pipelines including but not limited to, threat modeling, secure code analysis, vulnerable dependency scanning, container/VM hardening, dynamic security testing, and data security.
  • Help drive architecture and engineering for data, infrastructure, and API-integration across the Information Security technology ecosystem.
  • Maintain and enhance infrastructure-as-code to support Information Security visibility and configuration management objectives.
  • Assist with the implementation of API security monitoring and protection systems from inception through operationalization.
  • Configure cybersecurity systems to monitor and protect serverless and container based computing applications.
  • Engineer cybersecurity systems to automate incident response playbooks and cybersecurity monitoring.
  • Work cross-functionally with DevOps, application development, database, and infrastructure teams to develop and maintain complex systems that involve integration across in-house developed, COTS, and open-source components.
  • Develop, implement, and maintain secure configuration baselines across IaaS and PaaS platforms.
  • Participate and provide support during high priority cybersecurity incidents.
  • Mentor junior staff to develop understanding of SecDevOps, cybersecurity technology, and automation.
  • Participate in the development of comprehensive multi-year cybersecurity strategies with technical implementation guidance.
  • Provide thought leadership for architecting solutions to critical enterprise and cybersecurity initiatives.

Ideal Candidate will have the following:
  • Bachelor's Degree from an accredited university or equivalent work experience.
  • 5+ years of hands on experience in Information Security.
  • Experience maintaining infrastructure-as-code technology including but not limited to Cloudformation, Chef, Troposphere, and Stacker.
  • Approximately 3+ years of experience in Python and/or other scripting languages.
  • Ability to operate within Gitlab source code and CI/CD technology stacks.
  • Experience with AWS architecture, engineering, and security technologies.
  • Experience implementing container orchestration technologies in AWS including ECS/EKS and capable of integrating container security paradigms into these platforms.
  • Desired expert understanding of AWS IaaS/PaaS, Linux, Windows Server, Windows Desktop, VMWare, and MacOS (in order or importance) secure configuration management and security controls.
  • Desired experience integrating static code analysis into CI/CD pipelines, preferably with Checkmarx.
  • Desired experience integrating dependency vulnerability scanning into CI/CD pipelines.
  • Desired experience with container and VM hardening.
  • Desired experience in database administration, SQL, and data security.

Years of Experience: 7

Education: Bachelor's Degree

picture of a car
Save money, get a quote!

*Our advertisement policy

More jobs for you in Banking


Posted about 13 hours ago

Flagstar Bank

Posted about 13 hours ago

Flagstar Bank

Posted 15 minutes ago

Chickasaw Nation Industries
View Banking jobs ยป
Share this job with the community

Click a community link below, and then social share the Sr Information Security Engineer job.

African American Job Search Logo
Asian Job Search Logo
Disabled Job Seekers Logo
Hispanic Job Exchange Logo
LGBT Job Search Logo
Seniors to Work Logo
US Diversity Job Search Logo
Veteran Job Center Logo