{"id":738,"date":"2025-12-04T11:14:43","date_gmt":"2025-12-04T11:14:43","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=738"},"modified":"2025-12-04T11:14:46","modified_gmt":"2025-12-04T11:14:46","slug":"information-security-engineer-application-security-compliance","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/information-security-engineer-application-security-compliance\/","title":{"rendered":"Information Security Engineer \u2013 Application Security &#038; Compliance"},"content":{"rendered":"\n<p>\u200bThis is a full-time <strong>Information Security Engineer<\/strong> role focused on maintaining and enhancing the corporate Information Security program. The position is critical for integrating <strong>regulatory compliance<\/strong> (e.g., PCI, GLBA) into the security roadmap, performing risk assessments, conducting incident response, and ensuring both application and infrastructure security conform to industry best practices and external audit requirements.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Location:<\/strong> Remote, but <strong>local to the Temecula, CA office<\/strong>.<\/li>\n\n\n\n<li>\u200b<strong>Compensation:<\/strong> $96,000 to $120,000 annually, plus a 10% AIP (Annual Incentive Plan) opportunity.<\/li>\n\n\n\n<li>\u200b<strong>Experience:<\/strong> <strong>5+ years<\/strong> of related IT experience, with <strong>2+ years<\/strong> in an Information Security engineering role.<\/li>\n\n\n\n<li>\u200b<strong>Education:<\/strong> Bachelor&#8217;s degree in a related field is required.<\/li>\n\n\n\n<li>\u200b<strong>Focus:<\/strong> Application security tool implementation, regulatory compliance (PCI, GLBA), incident investigation, and security auditing of IT operational controls.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bEssential Functions: Program Development, Incident, and Audit<\/h3>\n\n\n\n<p>\u200bThe engineer is a security generalist with a strong emphasis on compliance and hands-on operational security.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Security Program &amp; Compliance:<\/strong> Assist with the <strong>development, implementation, and administration<\/strong> of security policies, standards, and procedures. Assist in integrating regulatory compliance requirements (<strong>PCI, GLBA<\/strong>) into the security roadmap and ensure compliance with all external audit requirements.<\/li>\n\n\n\n<li>\u200b<strong>Application Security:<\/strong> Assist in the identification, evaluation, and implementation of <strong>industry leading application security tools and techniques<\/strong>.<\/li>\n\n\n\n<li>\u200b<strong>Risk &amp; Testing:<\/strong> Perform <strong>risk assessments<\/strong> and execute system tests to ensure proper functioning of data processing and security measures. Perform periodic <strong>internal IT security audit functions<\/strong> on IT operational controls (e.g., system access controls, firewall rule reviews).<\/li>\n\n\n\n<li>\u200b<strong>Incident Response:<\/strong> Perform <strong>security incident investigations<\/strong>, including chain of custody, containment, root cause analysis, and identification of preventive measures. Define and assist in the management of an <strong>Incident Response Team<\/strong> and its escalation procedures.<\/li>\n\n\n\n<li>\u200b<strong>Operational Security:<\/strong> Coordinate with IT Operations to ensure endpoints and network devices conform to security standards. Plan, coordinate, and implement security measures to regulate access to computer data files.<\/li>\n\n\n\n<li>\u200b<strong>e-Discovery:<\/strong> Perform information systems <strong>evidence gathering<\/strong> to support e-discovery requests.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bRequired Knowledge and Preferred Experience<\/h3>\n\n\n\n<p>\u200bThe role requires foundational security knowledge and experience in regulated industries.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Required Skills:<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u200bSignificant knowledge of <strong>security-oriented regulatory requirements and compliance<\/strong>.<\/li>\n\n\n\n<li>\u200bExcellent familiarity with <strong>IT security principles and practices<\/strong> including firewalling, hardening, data loss prevention, threat prevention, and identity management.<\/li>\n\n\n\n<li>\u200bAbility to provide technical guidance to less experienced team members.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>\u200b<strong>Preferred Experience:<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u200b3+ years of experience in a <strong>regulated IT environment<\/strong> including some combination of <strong>SOX, HIPAA, GLBA, or PCI<\/strong>.<\/li>\n\n\n\n<li>\u200bKnowledge of the mortgage industry is helpful.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>\u200b<strong>Preferred Certifications:<\/strong>\n<ul class=\"wp-block-list\">\n<li>\u200bSecurity class certifications strongly preferred.<\/li>\n\n\n\n<li>\u200b<strong>CISSP<\/strong> license preferred.<\/li>\n\n\n\n<li>\u200b<strong>Azure certifications<\/strong> preferred.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>\u200bThis is a full-time Information Security Engineer role focused on maintaining and enhancing the corporate Information Security program. The position is critical for integrating regulatory compliance (e.g., PCI, GLBA) into the security roadmap, performing risk assessments, conducting incident response, and ensuring both application and infrastructure security conform to industry best practices and external audit requirements. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[43],"jobpost_job_type":[39],"jobpost_location":[],"jobpost_tag":[3443,2231,3442,1261,3180,1254,3446,3444,1616,3445],"class_list":["post-738","jobpost","type-jobpost","status-publish","hentry","jobpost_category-it","jobpost_job_type-remote","jobpost_tag-application-security","jobpost_tag-cissp","jobpost_tag-glba","jobpost_tag-incident-response","jobpost_tag-information-security-engineer","jobpost_tag-pci","jobpost_tag-regulated-environment","jobpost_tag-remote-local","jobpost_tag-risk-assessment","jobpost_tag-security-audit"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/738","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=738"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=738"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=738"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=738"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=738"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}