Join our security team and help secure our organization through maintaining, engineering, and deploying security solutions. We use industry-standard security tools, in an automated fashion, to ensure our security teams can operate effectively and provide security to the company.
Responsibilities:
As an individual contributor on our Cybersecurity engineering team, you'll have a broad set of responsibilities including (the mix will depend on your interests and skill level):
- Troubleshooting security problems
- Assist in the management and deployment of security products on endpoints, servers, and virtual desktops
- Design, operate, and maintain a vulnerability management program.
- Conduct vulnerability assessments and penetration testing on networks, web applications, and systems.
- Analyze security weaknesses and provide actionable remediation recommendations.
- Assist the Security Team in responding to and remediating system and/or network security breaches
- Plan, implement, manage, monitor, and upgrade security measures for the protection of the organizations data, systems, and networks
- Ensure that the organizations data and infrastructure are protected by enabling the appropriate security controls
- Plan, create, and implement cybersecurity processes and policies
- Engage in domain-specific threat modeling and attack surface analysis/reduction
- Identify information and logs to monitor, then design and engineer the process for gathering that information
- Promotes best practices and design patterns
- Willing to do remote support for Helpdesk team escalated suppprt cases
- Willing to learn newer technology / product / solutions based on customers needs.
Required Skills:
- OSCP / OSWP / eJPT or equivalent VAPT certifications
- Proficient in exploring, evaluating, and integrating new technologies, programming languages, data models, or frameworks.
- Easily pick up new technologies and are keen to expand your knowledge
- Experience in the development of projects related to network and security automation.
- Experience in infrastructure and automation processes and tools including Ansible, and Terraform
- Fundamental knowledge of SSH, TCP/IP, UDP, SSL, HTTP, HTTPS, PKI, DNS, and other common protocols.
- Advanced experience in development in languages such as Python, bash, or Golang
- Advanced knowledge of security controls, audits, and configurations related to: Windows, Linux, ChromeOS, and macOS ,AWS
Preferred Experience (Optional but valued)
- Experience in common continuous integration tools such as GitHub Actions, Jenkins and CircleCI.
- Advanced experience with the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework
- Experienced DevOps or DevSecOps practitioner
- Advanced knowledge of security controls, audits, and configurations including SIEM (Splunk, QRadar) & EDR (Crowdstrike, Carbon Black)
