Security Lead
CellPoint Digital
AWSAzureCloud
Information Security Engineer
Everly Health
full-time
Posted on:
Location Type: Hybrid
Location: Austin • Texas • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
CloudCyber SecuritySDLC
About the role
- Threat Detection: It's important to detect security incidents before they cause material damage to the business. You will detect attacks and prioritize, analyze and drive alerts to resolution. In the event an alert is identified as a security incident, you will kick off
- - Incident ResponseIncident Response: You will rapidly scope, contain and eradicate threats, minimizing financial, legal, business and content losses. Services include but are not limited to root-cause analysis, memory and disk forensics, reverse engineering, network containment, threat eradication and postmortems. You will also develop and refine processes, plans and procedures and partner closely with Legal, Comms and other stakeholders across the business.
- - Design and carry out security incident preparedness activities, such as compromise assessments and tabletop exercises, and conduct training and awareness sessions for relevant staff.
- - Deploy and support tools to collect and correlate security telemetry. Tooling includes Network Detection and Response, SIEM, Endpoint Detection and Response, Threat Intelligence platforms, and Security Orchestration Automation and Response tools.
- - Design and implement security controls across cloud, network, and application layers.
- - Drive the adoption of best practices for security through the SDLC
- - Build automated guardrails to enhance the security of our applications
- - Automate vulnerability management, secrets management, and patching.
- - AI first mindset for building out Security Automations and Threat Detection
- - Educate the engineering team on defensive coding
- - Support HIPAA, HITRUST, and SOC2 compliance efforts.
- - Work with Privacy and Compliance to document and monitor our security practices.
- - Partner with product engineering teams on secure cloud development practices and build security automation into CI/CD pipelines
- - Improve vulnerability management processes and security control maintenanceCollaborate with senior leaders to assess near-term and long-term security needs.
- - Collaborate with senior leaders to assess near-term and long-term security needs.
Requirements
- Naturally curious and interested in security and privacy
- Comfortable engaging with departments outside of engineering to heighten security
- Experience with vulnerabilities, exploits, and their defenses
- Can balance articulating the big picture and details depending on the audience
- Eager and excited to evangelize security
- Knowledge of Cybersecurity Frameworks: HITRUST, NIST, ISO
- Collaborates well with cross functional team members: product, compliance, privacy, and engineering in a fast paced, regularly changing environment
- Is most comfortable when there’s too much to do and can juggle a variety of tasks
- Everyone knows that when you take on a task whether it’s huge and scary or tiny and boring, you’re going to see it through.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
threat detectionincident responseroot-cause analysismemory forensicsdisk forensicsreverse engineeringnetwork containmentvulnerability managementdefensive codingsecurity automation
Soft skills
curiositycommunicationcollaborationadaptabilityevangelismtask managementproblem-solvingengagementattention to detailbig picture thinking
Certifications
HITRUSTNISTISOHIPAASOC2
Similar jobs on JobTailor
Cyber Security Engineering Lead
Capital One
Cyber SecurityServiceNow
Cybersecurity Engineer
AIG
AWSAzureCloudCyber SecurityLinuxPythonSplunkTCP/IPUnix
Staff Software Developer, Cybersecurity
GEICO
AnsibleAWSAzureCloudCyber SecurityDistributed SystemsGoogle Cloud PlatformGrafanaJenkinsLinuxMacOSPrometheus+2 more