Orange County's Federal Credit Union1 day ago

Senior Information Security Engineer

Orange County's Federal Credit Union

$108,895–$136,000 year

Hybrid · Santa Ana, California, United States

Santa Ana, California, United StatesHybridFull Time$108,895–$136,000 yearSenior LevelBachelors DegreeUnknown

Type

Full Time

Level

Senior Level

Education

Bachelors Degree

Company size

Unknown

Job Summary

Senior Information Security Engineer leads risk, vulnerability, and purple-team assessments; architects secure network, application, data, and cloud environments (AWS, Azure, DevSecOps pipelines); drives security tooling (EDR/XDR, SIEM, SOAR) and secure configuration baselines; mentors teams on zero-trust and security-by-design; creates and maintains security architectures and baseline configurations for networks, devices, apps, data, and cloud services; collaborates with Engineering, Infrastructure, and vendors to design secure solutions; participates in Incident Response and post-incident improvements; conducts policy development and security training; provides guidance on vendor risk, cloud security, secure coding, and application security; leads purple-team assessments to remediate risk; supports CI/CD security integrations; remote/hybrid on-site requirement in Santa Ana, CA; California residency required; salary range $108,895–$136,000 annually.

Required Qualifications

Bachelor’s Degree in Computer Science, Information Security, Information Assurance, or related technology field
7+ years of hands-on enterprise information/cyber security and IT risk management
3+ years of deep expertise in AWS and Azure security, cloud-native tools, and modern security architectures
Strong background in threat modeling, network security, vulnerability management, automation, and secure engineering practices
Experience with industry frameworks such as NIST, CIS, PCI DSS, FFIEC
Proven experience with regulations, policies, standards and framework pertaining to information and cyber security including PCI DSS standards, FFIEC guidelines on cybersecurity, CIS/NIST framework
Proven experience with secure coding standards and best practices; SAST/DAST/IAST tooling; API security; integration of security controls into CI/CD pipelines (DevSecOps)
Proven experience with virtualization and container technologies, such as VMware, Citrix Xen, Docker, or Kubernetes
At least one relevant certification (CISSP, GIAC, Security+, AWS Security – Specialty, Azure Security Engineer, etc.)
Ability to influence, partner cross-functionally, and operate under urgency with sound judgment

Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.

Hiring someone like this?

Get your role in front of qualified candidates on Sorce.

Get started