Cybersecurity Engineer — Job Description
Position summary
Protect systems, networks, and data by designing, implementing, and maintaining security controls; detect and respond to threats; and drive security improvements across the organization.
Key responsibilities
- Threat detection & monitoring: Deploy and tune SIEM, EDR/XDR, IDS/IPS, and other monitoring tools; analyze alerts and perform threat hunting.
- Incident response: Lead or participate in incident triage, containment, eradication, recovery, and post‑incident root‑cause analysis and reporting.
- Vulnerability management: Run vulnerability scans, prioritize findings, coordinate remediation, and verify fixes.
- Security architecture & hardening: Design and review secure architectures for cloud, on‑prem, and hybrid systems; implement hardening, network segmentation, and least‑privilege controls.
- Identity & access management (IAM): Manage authentication, authorization, SSO, MFA, privileged access, and role‑based access controls.
- Security tooling & automation: Deploy and automate security workflows using SOAR, scripts, IaC scanning (e.g., of Terraform code), and configuration management.
- Penetration testing & red team collaboration: Plan or coordinate pentests, drive remediation of findings, and run tabletop exercises.
- Compliance & governance: Support audits, implement controls mapped to standards (e.g., NIST, ISO 27001, SOC 2, PCI DSS), and maintain security policies.
- Data protection & encryption: Implement data classification, DLP, key management, encryption at rest and in transit, and secure backup practices.
- DevSecOps & secure SDLC: Integrate security into CI/CD (SAST/DAST, dependency scanning), perform security-focused code reviews, and advise on secure design.
- Documentation & training: Produce runbooks, playbooks, and security guidance; deliver security awareness training to staff.
- Vendor & third‑party risk: Assess third‑party security posture, manage the resulting risk, and review contracts for security requirements.
- Metrics & reporting: Track security KPIs (mean time to detect (MTTD), mean time to respond (MTTR), patching cadence, vulnerability trends) and report them to stakeholders.
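As an added illustration of the MTTD/MTTR metrics named in the last responsibility (example code written for this page, not part of the original posting), the snippet below computes both from a small constructed incident log. The field names (occurred_at, detected_at, resolved_at) and the definitions used (MTTD = detection minus occurrence, MTTR = resolution minus detection, both averaged only over incidents where the relevant timestamps exist) are assumptions for the example; open incidents are excluded from MTTR rather than silently counted as zero, which is the usual mistake when this is done in a spreadsheet.

```python
"""MTTD / MTTR from an incident log (added example, not from the job posting).

Assumed definitions:
  MTTD = mean(detected_at - occurred_at) over incidents with both timestamps
  MTTR = mean(resolved_at - detected_at) over incidents that are resolved
Open incidents (resolved_at is None) are left out of MTTR instead of being
treated as a zero-hour resolution, which would understate the metric.
"""
from datetime import datetime
from statistics import mean

# Constructed sample records (ISO 8601, UTC). Field names are assumptions.
INCIDENTS = [
    {"id": "INC-1", "occurred_at": "2024-03-01T08:00:00",
     "detected_at": "2024-03-01T10:00:00", "resolved_at": "2024-03-01T16:00:00"},
    {"id": "INC-2", "occurred_at": "2024-03-02T01:00:00",
     "detected_at": "2024-03-02T13:00:00", "resolved_at": "2024-03-03T01:00:00"},
    # Detected quickly but still open: counts toward MTTD, not MTTR.
    {"id": "INC-3", "occurred_at": "2024-03-05T09:30:00",
     "detected_at": "2024-03-05T09:45:00", "resolved_at": None},
]


def _hours_between(start, end):
    """Elapsed hours between two ISO 8601 timestamps, or None if either is missing."""
    if not start or not end:
        return None
    delta = datetime.fromisoformat(end) - datetime.fromisoformat(start)
    return delta.total_seconds() / 3600


def mttd_hours(incidents):
    """Mean time to detect, in hours; None when no incident has both timestamps."""
    deltas = [
        h for i in incidents
        if (h := _hours_between(i.get("occurred_at"), i.get("detected_at"))) is not None
    ]
    return mean(deltas) if deltas else None


def mttr_hours(incidents):
    """Mean time to respond/resolve, in hours, over resolved incidents only."""
    deltas = [
        h for i in incidents
        if (h := _hours_between(i.get("detected_at"), i.get("resolved_at"))) is not None
    ]
    return mean(deltas) if deltas else None


def open_incidents(incidents):
    """IDs of incidents with no resolution timestamp (excluded from MTTR)."""
    return [i["id"] for i in incidents if not i.get("resolved_at")]


if __name__ == "__main__":
    print(f"MTTD: {mttd_hours(INCIDENTS):.2f} h")   # 4.75 h over three incidents
    print(f"MTTR: {mttr_hours(INCIDENTS):.2f} h")   # 9.00 h over the two resolved ones
    print("Open:", open_incidents(INCIDENTS))        # ['INC-3']
```

When reporting these numbers, state the population alongside the value (how many incidents, how many still open), since a low MTTR computed over only the easy, closed cases says little about the backlog.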
Required qualifications
- Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
- 3+ years of experience in cybersecurity (requirement varies by level).
- Hands‑on experience with SIEM (Splunk, Azure Sentinel, QRadar), EDR (CrowdStrike, Carbon Black), firewalls, and vulnerability scanners.
- Strong knowledge of network protocols, common attack vectors, and host hardening controls.
- Experience with cloud security (AWS, Azure, GCP) and related security services.
- Scripting/automation skills (Python, PowerShell, Bash) and familiarity with Linux/Windows administration.
Preferred qualifications
- Certifications such as CISSP, CISM, CEH, OSCP, GCIA, or cloud security certs (CCSP, AWS/Azure/GCP security).
- Experience with SOAR, DLP, IAM solutions (Okta, Azure AD), container security, and Kubernetes hardening.
- Familiarity with compliance frameworks (NIST CSF, SOC 2, ISO 27001, PCI DSS).
- Prior experience in threat intelligence, red-team/blue-team exercises, or secure software development.
Pay: $7,240.99 – $9,493.53 per month
Work Location: In person