Principal Information Security Operations Engineer

Company: Matson
Location: Oakland
Posted on: February 15, 2021

Job Description:

Principal Information Security Operations Engineer Requisition #: 1380 Company: MATSON NAVIGATION COMPANY, INC. City: Oakland State/Territory: California Department: IT SERVICES # of openings: 1 Description Matson, Inc. (NYSE:MATX) is a leading U.S. transportation and logistics company. Founded in 1882, our mission is simple: To move freight better than anyone. Our services span the Pacific, where we provide a vital lifeline to the economies of Hawaii, Alaska, Guam, Micronesia and islands in the South Pacific while delivering a wide range of multi-modal services throughout North America. Through our businesses, Matson Navigation, Matson Logistics, Matson Terminals and Span Alaska, we have created a global transportation network defined by on-time arrivals, award winning customer service and industry leader designations. The company's success is entirely employee-driven, the product of a corporate culture and atmosphere that puts high value on professionalism, experience, accountability and respect.

A reflection of our deep roots and historical connection with the islands of Hawaii, our culture was built over more than 100 years on the Hawaiian notion of 'ohana - family. It is why people come to Matson and enjoy long successful careers. Our values and our behaviors are shaped and guided by a sense of obligation to each other and the betterment of the organization. At Matson, it doesn't matter whether you work in Hawaii, Alaska, Washington, California, Arizona, Illinois, Georgia or Guam, we strive to "do the right thing," trust in each other and contribute positively to the communities in which we live and work.

If you are searching for a meaningful career filled with challenging assignments, continuous learning opportunities, diverse work environments and social and philanthropic activities, we encourage you to learn more about Matson. Our employees enjoy competitive pay and benefits, company-funded retirement, robust recognition programs and a variety of life and wellness programs. Please visit www.matson.com to learn more about Matson and our open positions. The Principal Information Security Operations Engineer is a position within IT Services with broad, company-wide responsibilities across multiple security domains. The ideal candidate should have a proven history in proactive security risk mitigation and reactive incident response with the appropriate sense of urgency. The successful candidate will have a good mix of hands-on technical knowledge as well as higher-level information security concepts, risk assessment methodologies, and security practices. This individual will have to be proactive, organized, analytical, detail oriented, and persistent. Primary Duties and Responsibilities: The Principal Information Security Operations Engineer is a key role in our Enterprise Information Security team and works directly with the Director, Information Security to develop and oversee implementation of our security requirements throughout the Matson environment. Responsibilities include the following:

• Security Operations: Tactical
  • Manage day-to-day security operational tasks such as security event monitoring, log monitoring and security incident management, compliance monitoring, data loss prevention, and monitoring and responding to emerging threats varying from endpoint to server to public cloud system.
  • Act as primary support contact for security incidents, and provide direction to infrastructure and applications teams to initiate incident response. Liaison with internal and parties to address security concerns. Perform root cause analysis so we can continuously improve our prevention, reaction, and remediation of incidents.
  • Perform periodic testing for compliance with documented security policies, procedures, and standards.
    
  • Security Engineering: Strategic
    • Perform ongoing technical risk and vulnerability assessments including vulnerability scanning and vulnerability exploit testing (penetration testing) and threat modeling with clear reporting, threat identification and action plans for remediation with prioritization. This will also include any assessments for changes that the security team has identified as requiring a vulnerability assessment prior to release.
    • Assist in developing security policies, controls, procedures, and standards requirements to support the full life cycle protection of confidential information.
    • Initiate, facilitate, and promote activities to foster Information Security awareness.
    • Security Infrastructure
      • Research, recommend, deploy and integrate the security tools and processes needed to protect the information assets and infrastructure.
      • Consult with applications teams on secure applications development and perform security reviews on third party applications as well as providing technical guidance and security training to development teams.
      • Advise on secure application development and infrastructure support and drive implementation of recommendations through project teams.
        
      • Perform special projects as assigned.
      • Strong SIEM deployment skills with one more of the following: Splunk, ELK, QRadar. Position requires ability to run complex reports, make dashboards and tune alerts.
      • Strong understanding of networking concepts and protocols (BGP, TCP/IP layers, DNS, SMTP, SSL, etc.)
      • Experience with using threat intelligence tools (Virustotal, XForce Exchange, TruStar) and ISAC cooperation
      • Experience and knowledge of network firewalls (Palo Alto, Checkpoint) and security technology (FireEye NX,HX,PX, Splunk) and other IDS/IPS and network monitoring tools
      • Technical knowledge in system and network security, authentication and security protocols, and application security
      • Experience writing runbooks, playbooks and orchestration tools
      • Strong python skills a plus
      • Experience managing vulnerability scanning tools (Qualys, Rapid7, Nessus, etc.)
      • Experience managing, configuring and tuning a WAF
      • Experience with Identity and Access concepts and technologies to secure production and corporate access, such as: SSO, SAML Federated Identity, RBAC, authentication & authorization solution etc. Qualifications, Education and Experience:
        • 10+ years hands-on security experience.
        • 5+ years of experience in technical security positions, Tier 3 SOC experience required and mentoring Tier 1-2 Staff. This role will be responsible for continuous process improvement of daily operations. The role will be the technical team lead.
        • This position requires following security news, attending security conferences and industry events. The candidate should be interested in public speaking or presenting at security conferences. Previous speaking experience is a plus.
        • Familiar with coordinating 24x7 around the clock resources
        • Strong security research and root cause analysis skills to identify and analyze potential security vulnerabilities
        • Self-organize: ability to plan, document, and execute complex tasks to a high quality standard
        • Background in security operations, project management, or information security, with knowledge of Cloud security models and controls (AWS)
        • Strong understanding of web vulnerabilities and weaknesses (cross-site scripting, cross-site request forgery, etc.)
        • Experience working with internal and external auditors on compliance initiatives
        • Customer service experience/Strong customer focus to analyze customer reported security issues
        • Ability to multi-task in a fast-paced environment
        • Security related certifications a plus - Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH) GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analyst (GCFA), etc. Matson is an equal opportunity employer committed to a diverse and inclusive workforce. Applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), age, sexual orientation, national origin, marital status, parental status, ancestry, disability, AIDS/HIV status, gender identity, gender expression, veteran status, genetic information, other distinguishing characteristics of diversity and inclusion, or any other protected status.
          
          Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with federal and state laws, as well as applicable local ordinances, including, but not limited to, the San Francisco and Los Angeles Fair Chance Ordinances. Matson is an equal opportunity employer committed to a diverse and inclusive workforce. Applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), age, sexual orientation, national origin, marital status, parental status, ancestry, disability, AIDS/HIV status, gender identity, gender expression, veteran status, genetic information, other distinguishing characteristics of diversity and inclusion, or any other protected status.
          
          Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with federal and state laws, as well as applicable local ordinances, including, but not limited to, the San Francisco and Los Angeles Fair Chance Ordinances.

Keywords: Matson, Oakland , Principal Information Security Operations Engineer, Engineering , Oakland, California