Security Engineer II, Network and Data Security

Job Title: Security Engineer II, Network and Data Security
Work Location: Los Angeles, CA 90032 | Open to remote.
Assignment Duration: Direct Hire
Work Hours: 8:00 AM – 5:00 PM
Annual salary range: $110K– $123K/year
Interview Process: 2–3 steps via Video/Teams
Dress Code: Business Casual
Remote Work and Onsite Expectations:

• Remote work is acceptable. Preference is given to candidates in PST or CST; however, EST candidates will be considered as long as they can work PST hours.
• Equipment shipping available for candidates located 2+ hours driving distance from the office.

 
Summary:

• The Network and Data Security Engineer safeguards the network perimeters, internal network segments, and data stores.
• Oversees firewalls, network intrusion detection/prevention (IDS/IPS), network segmentation, and manages email security defenses.
• Also administers data protection technologies – e.g. data classification, Data Loss Prevention (DLP), encryption for data at rest and in transit – to protect sensitive clinical and patient information.
• By focusing on both network traffic monitoring and safeguarding data, this function covers key “Protect” controls (in NIST terms) to uphold confidentiality and integrity of data.

 
Minimum Education:

• Associate's degree - Computer Science or a related field OR the equivalent combination of experience and education that would demonstrate the capability to successfully perform the essential functions of this position.

 
Minimum Experience:

• 5 years - Experience in Information Security.

 
Key Skillset:

• Hands-on experience with email defense (Proofpoint) and Network security - not only Zscaler, but someone in InfoSec that can work closely with Networking for alignment.
   

Preferred

• Healthcare experience.
• PCI, HIPAA, NIST experience.
• Security control concepts: physical, logical, and administrative.

 
Key Responsibilities & Accountabilities:

• Assist SOC with monitoring IDS/IPS, firewall, and email alerts.
• Assist with responding to DLP alerts and escalate potential exfiltration.
• Validate operational state of critical network security systems.
• Review quarantined items or blocked traffic requiring validation.
• Assist with Tuning firewall, IPS, and email security rules.
• Validate segmentation controls for key systems.
• Review DLP policy accuracy and refine triggers.
• Coordinate with SOC on correlated events.
• Perform firewall rule reviews/cleanup.
• Audit data flows for PHI/PCI/sensitive systems.
• Conduct architecture assessments for upcoming changes.
• Review encryption posture.
• Publish network and data protection metrics.

 
Incident & RACI Expectations:

• Responsible for coordinating remediation on network segmentation, firewalling, and intrusion prevention.
• Consulted during major incidents to identify root causes and remediation guidance.

 
Licenses/Certifications:

• One (or more) of the following security certifications: ISC2 certificates, GIAC certificates, CISM/A, CEH, etc.

 

At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position's starting pay is: $110240.00/Yearly.