Senior Cyber Security Engineer

Job Description

• Plan for, execute, and follow through on projects and engagements independently or with little guidance • Apply best practices in software engineering, delivering projects on time, on budget, and with excellent quality and security configurations • Review the existing and new deployments and architecture designs looking for design flaws, security improvements, and advocating for stronger security controls that meet functional and operational needs • Work hand-in-hand with the IT and Product teams to review, research, design and develop security solutions that enable productivity, but maintain security • Engage actively in software selection and deployment initiatives to assess and onboard security and other technical solutions for endpoints, development and production environments. Documenting findings, conduct comparisons, and Proof of Concepts aiding the team in making informed decisions • Review and design the automation and orchestration aspects of security processes and tooling to integrating with APIs and applications/workflows across the organization • Identify, Develop, and deliver dashboards and report metrics on the status of the Cyber Security posture, and develop dashboards, reports, and define metrics for cross-functional teams • Moderate and contribute to deployments and administrative controls that contribute to: • Proactive monitoring, analysis, and correcting system security issues • Development of scripts to automate, perform security checks, and develop tools to enhance support of the infrastructure and endpoint systems • Implement and deploy solutions to protect infrastructure and Intellectual Property • Developing playbooks/runbooks, operational and troubleshooting documentation for use internally and with external MDR providers • Manage solutions for protection of Mail Flows/attachments, EDR, DLP, CASB, and system compliance • Provide ongoing support for various Incident, Vulnerability, and Security event workflows

Qualifications

• Bachelor's degree in Computer Engineering, Computer Science, Electrical Engineering, Robotics or a related field and 2+ years of relevant experience, Master's degree, or PhD • 2+ years of related experience Incident Response management and assessing the risk/severity rating of incidents and exposures • Hands-on experience with tooling in the EDR, DLP, CASB, and Logging/Alerting tools and Compliance/Response space • Experience with MacOS, Linux, and Windows Systems Administration using configuration management software and tooling to manage systems across a large and distributed environments • Strong understanding of Cyber Security Standards (ISO27001, NIST 800-53, CIS Benchmarks) • Ability and experience with automation of Security Standards and Compliance scanning and configurations, and detections for non-compliance • Must have demonstrated proficiency and strength in verbal, written, presentation, and communications skills, including technical diagramming, interactions cross-functionally with teams outside of the Cyber Security Team • High proficiency in Tooling for Identity Management and Authentication Solutions, Mobile Device Management, and Data Protection Tooling • Proficiency in scripting languages, including Bash, Python, Go, or Java to create production level services and tools • Proficiency in using Infrastructure as Code (IaC) to automate the deployment of Cyber Security Solutions. E.g. Terraform, Ansible, or others • Ability to grasp new technologies quickly, prioritize and multitask on multiple responsibilities • Hands-on Experience with patching and hardening Linux, MacOS, and Windows Systems (clients and servers). With experience defining and reporting compliance of Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls • Proficient in Network Protocols and Host Firewall Management, with hands-on experience in configuration and optimization to ensure infrastructure network security at the host level and at perimeters • Critical thinking and a holistic view of Cyber Security with ability to balance security requirements with mission needs and collaboration across teams • Exceptional organizational and time management skills demonstrated through adept autonomy, creation of timelines, scope and priorities, independent work, collaborative teamwork, and a professional demeanor • Strong experience with architecting/deploying scalable security services and workloads in the infrastructure and endpoint space. Minimizing impact with regard to functional impact on compute workloads running on CPUs, GPUs, and Memory utilization • Understand engineering design limitations and provide guidance for teams to secure their deployments to achieve desired performance in budget and on time • An Independent take-charge attitude while being open-minded, creatively thinking, willing to take calculated risks, and make informed decisions • A sense of camaraderie, compassion, and unparalleled passion/energy

Benefits

• Competitive compensation packages • High-quality individual and family medical, dental, and vision insurance • Health savings account with available employer match • Employer-matched 401(k) retirement plan with immediate vesting • Employer-paid group term life insurance and the option to elect voluntary life insurance • Paid parental leave • Paid medical leave • Unlimited vacation • 15 paid holidays • Complimentary daily lunches, beverages, and snacks for onsite employees • Pre-tax spending accounts for healthcare and dependent care expenses • Pre-tax commuter benefits • Monthly wellness stipend • Adoption/Surrogacy support program • Backup child and elder care program • Professional development reimbursement • Employee assistance program • Discounted programs that include legal services, identity theft protection, pet insurance, and more • Company and team bonding outlets: employee resource groups, quarterly team activity stipend, and wellness initiatives