Need CA Locals - Security Engineer // San Francisco, CA - Hybrid Onsite 4 days // Contract

[Mohammed Humair]

Job Title: Security Engineer

Location: San Francisco, CA - Hybrid Onsite 4 days - ONLY LOCALS

Duration: 3-4 months

 

This is a contract position and requires 4 days a week onsite in San Francisco.

 

H1B/H4-EAD PP No. Mandatory

No Third Party GC

10+ Years Experience.

Need CA Locals 

 

Job Description:

We are looking for an IT Security Specialist to support daily cybersecurity operations for a growing organization in San Francisco, California. This Long-term Contract position is ideal for a hands-on, detail-oriented security specialist who can independently investigate threats, strengthen vulnerability management practices, and collaborate across IT, compliance, and security teams. The role also contributes to employee security education, asset visibility, and incident documentation while helping maintain a strong operational security posture.

 

 

Responsibilities:

• Monitor and assess security events generated by detection platforms, investigate suspicious activity, and escalate validated threats as needed.

• Perform incident analysis to determine underlying causes, document conclusions, and recommend practical corrective actions.

• Review data protection alerts for signs of policy breaches, unauthorized data movement, or insider risk, and coordinate escalation with appropriate stakeholders.

• Refine data loss prevention rules and alert logic to improve signal quality while preserving effective monitoring coverage.

• Maintain the enterprise asset inventory, verify device classification accuracy, and work with IT teams to address unknown or unmanaged assets.

• Run automated penetration testing activities, evaluate attack path results, and partner with technical teams to prioritize and remediate identified weaknesses.

• Oversee ongoing vulnerability scanning, interpret findings based on risk and asset importance, and track remediation progress through completion or documented exception.

• Deliver security awareness sessions for new hires and support phishing simulation campaigns, including follow-up education for higher-risk user groups.

• Coordinate security-related work across IT, compliance, and internal security partners while keeping operational procedures, runbooks, and incident records current.

 

Qualifications:

• At least 6 years of experience in security operations, cybersecurity analysis, or a similar hands-on information security role.

• Practical experience with vulnerability management tools, ideally including Tenable, and the ability to prioritize remediation based on business risk.

• Working knowledge of security monitoring and alert investigation processes across multiple security technologies.

• Familiarity with data privacy principles, data protection monitoring, and data classification concepts.

• Understanding of cyber governance practices and the ability to collaborate with compliance and audit-focused teams.

• Experience supporting asset inventory accuracy and identifying systems that require onboarding, review, or remediation.

• Strong written and verbal communication skills with the ability to document incidents and explain findings clearly to different audiences.

• Comfortable working independently in a structured security environment while coordinating effectively with cross-functional teams.

Mohammed Humair || Senior Recruiter

Email: hum...@aptivacorp.com

Web: https://www.aptivacorp.com/

LinkedIn: linkedin.com/in/mohammed-humair-058473124