IAM Cybersecurity Engineer (Permanent – Hybrid – Walnut Creek, CA)

Our client, a prominent organization in the Information Technology sector, is looking for a skilled IAM Cybersecurity Engineer. This permanent position is based hybrid in Walnut Creek, California, requiring 3 days in the office per week. This role is crucial for leading projects to design, implement, and enhance cybersecurity controls, thereby protecting a large and complex IT environment. You’ll be a key player in ensuring ongoing support, mentoring junior team members, and fulfilling routine cybersecurity tasks.

At AAA, their team members strive to deliver exceptional service, helping their Members outsmart life’s roadblocks. They believe everything you do outside of work adds to who you are at work, fostering a mission to create Members for life by unleashing the innovative spirit of their Team Members. Join a collaborative environment where your contributions are highly valued.

Why Work For This Organization?

• Great Pay: Opportunity to participate in a discretionary annual incentive plan or other incentive plans, depending on your position, offering competitive compensation.
• 401k Matching: Benefit from a generous $1 for $1 company match, up to 6% of eligible earnings per pay period, securing your financial future.
• Comprehensive Benefits: Access robust medical, dental, and vision insurance, along with a wellness program and other comprehensive benefits.
• Paid Holidays: Enjoy paid holidays, promoting work-life balance.
• Paid Time Off: Team Members accrue paid time off monthly, and depending on your position, an additional 24 hours per year are earmarked for volunteer activities, encouraging community engagement.
• Collaborative Environment: Work in a collaborative environment where your contribution to providing exceptional service to members is highly valued.
• Free AAA Classic Membership: Receive a complimentary AAA Classic Membership, providing access to exclusive member benefits.
• AAA Product Discounts: Enjoy discounts on various AAA products, adding extra value.
• Tuition Reimbursement Program: Benefit from a Tuition Reimbursement Program, supporting your continuous learning and professional development.

Job Summary: Leading Cybersecurity Controls and Mentoring Talent

The IAM Cybersecurity Engineer plays a pivotal role in strengthening the overall cybersecurity posture of Mountain West Group. Reporting to the Director, Cyber Security and Network Engineering, this position demands proficiency across all aspects of information security. You will provide ongoing support and mentorship to more junior team members, ensuring their growth and development, while also expertly fulfilling routine cybersecurity tasks. A core responsibility includes rigorously testing the effectiveness of security controls and providing strategic advice to business partners on a wide range of cybersecurity topics.

Responsibilities / Job Duties: Driving Security Enhancements and Compliance

As an IAM Cybersecurity Engineer, your responsibilities will blend hands-on technical execution with strategic oversight and cross-functional collaboration, ensuring the robust protection of a complex IT environment.

• Respond to Cybersecurity-Related Requests: You will be the primary point of contact for responding to cybersecurity-related requests, taking appropriate action, which includes meticulously approving, fulfilling, or rejecting requests. This requires careful assessment of security implications and working closely with business partners to meet their legitimate needs while maintaining security standards. Your judgment ensures that all access and changes adhere to strict security protocols.
• Manage and Maintain Cybersecurity Tools: You will be responsible for the full lifecycle of managing and maintaining cybersecurity tools. This encompasses applying necessary patches to keep tools updated and secure, as well as overseeing the onboarding and offboarding of these tools within the security ecosystem. Your diligence ensures that security tools are always operational, effective, and fully integrated into the security infrastructure.
• Manage Projects, Initiatives, and Changes: You will take a leading role in managing cybersecurity projects, initiatives, and changes. This involves comprehensive planning to define scope and objectives, meticulous scheduling to ensure timely delivery, seamless implementation of new security controls or systems, and rigorous reporting of status to all relevant stakeholders. Your project management skills will be crucial for successful security enhancements.
• Audit and Improve Security Controls: You will actively audit various security controls, including firewall rules, cloud and SaaS security configurations, and API controls. Through these audits, you will meticulously recommend improvements to enhance their effectiveness, mitigate risks, and ensure compliance with internal policies and industry best practices. Your proactive approach strengthens the organization’s defense mechanisms.
• Detect and Remediate Vulnerabilities: You will work in close collaboration with application, cloud, and infrastructure teams to effectively detect and remediate vulnerabilities. This includes identifying weaknesses in system configurations and in-house developed software. Your efforts will minimize the attack surface and strengthen the overall security posture by ensuring that known flaws are addressed promptly and effectively.
• Conduct Periodic Testing of Security Controls and Establish Metrics: You will regularly conduct periodic testing of security controls to evaluate their effectiveness. This involves performing various assessments to ensure controls are functioning as intended and providing the expected level of protection. Based on these evaluations, you will recommend improvements and establish and collect risk-based metrics to measure control effectiveness and overall security posture, informing data-driven security decisions.
• Assist with Development of Security Requirements: You will provide crucial assistance in the development of security requirements and assessment procedures for business use of technologies. This involves translating business needs into actionable security mandates, ensuring that new technologies and applications are securely designed and implemented from the outset.
• Other Duties as Assigned: You will be flexible and willing to perform other duties as assigned by the Director, Cyber Security and Network Engineering, contributing to the overall success and adaptability of the cybersecurity department.

Knowledge, Skills, and Abilities: Your Core Competencies

• Ability to Lead Individual Projects: You possess the proven ability to lead individual projects from conception to completion, demonstrating strong project management and ownership skills.
• Strong Oral and Written Communication Skills: You have strong oral and written communication skills, essential for articulating complex cybersecurity concepts clearly to technical teams, business partners, and leadership.
• Act as a Team Player: You are a natural team player, demonstrating a collaborative spirit and contributing positively to group efforts and shared security goals.
• Act with a Sense of Urgency: You act with a sense of urgency to effectively resolve requests and respond to incidents, recognizing the critical nature of cybersecurity operations.
• Ability to Weigh Request Reasonableness: You have the discerning ability to weigh whether a request is reasonable before fulfilling it, ensuring that security is balanced with operational needs and that exceptions are justified.

Education, Competencies, Certifications/Licenses: Your Foundational Expertise

• Educational Background: A Bachelor’s Degree in Information Technology or a related field, or equivalent work experience and education, is required.
• Information Technology Field Experience (5+ years): You must have 5+ years of experience in the information technology field, demonstrating a broad understanding of IT systems and operations.
• Cybersecurity Experience (4-7 years): You possess 4-7 years of dedicated cybersecurity experience, indicating significant practical knowledge of security principles and practices.
• Core Security Concepts Application (1+ year): You have at least one year of experience in one or two applications of core security concepts, including:
  • Security Operations and Administrations: Daily management and oversight of security tools and processes.
  • Access Controls: Managing and enforcing user permissions and system access.
  • Risk Identification, Monitoring, and Analysis: Proactively identifying, tracking, and assessing security risks.
  • Incident Response and Recovery: Handling security breaches and restoring systems.
  • Cryptography: Understanding encryption and secure communication.
  • Network and Communications Security: Securing network infrastructure and data in transit.
  • Systems and Application Security: Protecting operating systems and software applications from vulnerabilities.
• Information or Cyber Security Certification: You hold a valid Information or Cyber Security Certification (e.g., CompTIA Security+, CySA+, CEH).

Preferred Qualifications: Enhancing Your Profile

• Project Management Experience: 2 years of project management experience is preferred, further strengthening your ability to lead initiatives.
• Advanced Certifications: Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) certifications are highly preferred, validating expert-level knowledge in information security and cloud security respectively.

What We Offer: Rewarding Your Contributions

• Competitive Salary and Incentives: Enjoy competitive pay with the opportunity to participate in a discretionary annual incentive plan or other incentive plans, reflecting the value of your contributions. The compensation range is targeted between Min: $129,223.00 – Mid: $161,528.00 – Max: $193,834.00, with all offers subject to a fair pay analysis.
• Robust 401k Matching: Benefit from a strong 401k matching program, with $1 for $1 company match up to 6% of eligible earnings per pay period, significantly boosting your retirement savings.
• Comprehensive Benefits Package: Access robust medical, dental, and vision coverage, along with a wellness program and more, ensuring your health and well-being are prioritized.
• Paid Time Off and Holidays: Enjoy generous paid holidays and monthly accrual of paid time off. Additionally, 24 hours per year are earmarked for volunteer activities, encouraging community engagement.
• Collaborative Environment: Work in a highly collaborative environment where your contributions to providing exceptional service to members are genuinely valued.
• Free AAA Classic Membership and Product Discounts: Receive a complimentary AAA Classic Membership and enjoy discounts on various AAA products, providing extra perks.
• Tuition Reimbursement Program: Take advantage of a Tuition Reimbursement Program, supporting your continuous learning and professional development.