IT Security Engineer
Oakland, California
e.l.f. Beauty
e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our multi-brand portfolio includes e.l.f. Cosmetics, e.l.f. SKIN, pioneering clean beauty brand Well People, Keys Soulcare, a groundbreaking lifestyle beauty brand created with Alicia Keys and Naturium, high-performance, biocompatible, clinically-effective and accessible skincare.
We have annual revenues of ~$900 million and our business performance has been nothing short of extraordinary with 20 consecutive quarters of net sales growth as we have grown to #3 mass cosmetics brand in the US and are the fastest growing brand among the top 5. Our total compensation philosophy offers every new hire competitive pay and benefits, bonus eligibility (200% of target over the last four fiscal years), equity given to every full-time employee as a part of their new hire package, flexible time off, year-round half-day Fridays, and a hybrid 3 day in office, 2 day at home work environment. We believe the combination of our unique culture, total compensation, workplace flexibility and care for the team is unmatched across not just beauty but any industry.
Position Summary We are seeking a highly skilled IT Security Engineer to join our team. The ideal candidate will have a strong background in information security, with experience in designing and implementing security solutions to protect our organization's systems and data. The IT Security Engineer will work closely with other IT professionals to identify security risks, develop strategies to mitigate these risks, and ensure compliance with industry regulations and standards. Responsibilities • Build, deploy, and maintain security technologies to ensure the security and integrity of E.L.F.’s information systems according to the current cyber security program• Responsible for developing and documenting security related processes and procedures to help secure, mature and/or enhance the security of the environment• Respond to alerts from security infrastructure tools or intelligence and take necessary actions to remediate or divert the security risk• Responsible for leading incident response, threat intelligence, and event co-relation for a broad set of technologies under the cyber security program• Work closely with management and technical staff to resolve complex security matters and incidents• Thorough understanding of the latest technologies, security principles, and protocols• Review new and current vendors or partners security audits and practices to ensure good security standards• Collaborate with other digital teams to ensure that security measures are integrated into all aspects of our technology infrastructure• Strong knowledge of networking protocols and security best practices• Tune security events and co-relation from applicable security products and sources• Perform network traffic analysis, host behavior analysis, PC forensics, kill chain, windows event analysis etc. to effectively detect and protect company assets• Produce a monthly security operations dashboard with key performance indicators (incidents, metrics, security threats, intelligence etc.)• Provide security awareness training to employees to promote a culture of security within the organization• Act as a lead staff resource for cloud and infrastructure security-related projects and initiatives Requirements: • Bachelor’s degree in Information Technology or Information Security or substantial work experience required• Must have 3+ years of hands-on building and working knowledge of various security technologies (Network Firewalls, VPN, NAC, EDR/MDR, File Integrity Management, IPS/IDS, Application Firewalls, Vulnerability Management, Email Protection, Internet Security, SSO/MFA, SIEM Logging & Monitoring, ATP, and DLP)• Experience with risk assessment and incident response procedures• Strong knowledge of networking protocols and security best practices• Experience of Cloud and IAM security (Azure, AWS, GCP, Okta, etc.)• Good knowledge of scripting skills (Python, PowerShell, etc.) for security automation• Ability to work and lead on multiple projects simultaneously• CISSP or CISA or GIAC desiredThis job description is intended to describe the general nature and level of work being performed in this position. It also reflects the general details considered necessary to describe the principal functions of the job identified, and shall not be considered, as detailed description of all the work required inherent in the job. It is not an exhaustive list of responsibilities, and it is subject to changes and exceptions at the supervisors’ discretion.
e.l.f. Beauty respects your privacy. Please see our Job Applicant Privacy Notice (www.elfbeauty.com/us-job-applicant-privacy-notice) for how your personal information is used and shared.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS Azure CISA CISSP Cloud Compliance EDR Firewalls Forensics GCP GIAC IAM IDS Incident response IPS Monitoring Okta PowerShell Privacy Python Risk assessment Scripting SIEM SSO Threat intelligence VPN Vulnerability management Windows
Perks/benefits: Career development Competitive pay Equity Flex hours Flex vacation Home office stipend Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs