Cyber Security Engineer

Role Overview

We're hiring a hands-on Security Engineer to strengthen security across identity, endpoints, applications (DevSecOps), detection/response, and compliance. You'll work closely with Engineering and Infrastructure teams to reduce risk, automate controls, and improve detection and response capabilities.

Key Responsibilities

• Identity & Access Security: Implement SSO (SAML/OIDC), MFA, conditional access, and mitigate social engineering risks
• Endpoint & MDM Security: Enforce device security baselines (Windows/macOS/Linux/iOS/Android), compliance monitoring
• DevSecOps: Embed SAST, DAST, SCA, IaC security into CI/CD; define secure SDLC practices
• Secrets Management: Implement centralized secrets management; prevent credential leakage
• Detection & Threat Hunting: Build detections aligned to MITRE ATT&CK; improve telemetry and alert quality
• Security Automation: Develop runbooks/playbooks to improve MTTD/MTTR and reduce manual effort
• Purple Teaming: Run adversary simulations and translate findings into improvements
• Security Controls & Compliance: Implement MAS TRM, CIS benchmarks, and support SOC2/PCI-DSS readiness

Required Skills & Experience

• 5–10 years in Security Engineering / DevSecOps / AppSec / Detection Engineering
• Strong experience with SSO (SAML/OIDC), MFA, identity security
• Hands-on with DevSecOps tools (SAST, DAST, SCA, IaC security)
• Experience with secrets management and credential protection
• Familiar with MITRE ATT&CK and detection engineering
• Experience building automation (SOAR, scripting, APIs)
• Knowledge of CIS benchmarks / security baselines
• Strong stakeholder management and communication skills

Nice to Have

• SOC 2 / PCI-DSS experience
• Cloud security (AWS/GCP/OCI)
• SIEM/EDR tools (e.g., CrowdStrike)
• Kubernetes / container security
• Certifications (CISSP, CCSP, GIAC, OSCP)