Lead security design and threat modeling for new and existing systems (cloud, application, data, network)
Implement and manage core controls: IAM/SSO, least privilege, network segmentation, encryption and key management, secrets management, endpoint and email security
Build and operate detection and response capabilities: SIEM/EDR/SOAR, log pipelines, alert tuning, use-case development, threat hunting
Own vulnerability remediation: scanning, triage, risk-based prioritization, remediation with product/IT teams, tracking to closure
Strengthen application and cloud security: SAST/DAST/SCA, secure SDLC, CI/CD guardrails, IaC scanning, container/Kubernetes runtime protections, CSPM/CIEM
Coordinate and support security testing: internal reviews, penetration tests, red/purple team, tabletop exercises; drive remediation and lessons learned
Lead/participate in incident response: triage, containment, eradication, recovery, forensics, root-cause analysis, post-incident reports and runbooks
Define and maintain security standards, baselines, hardening guides, and architecture diagrams
Monitor and report security metrics, KPIs/KRIs, and risk posture to stakeholders
Support audits and compliance efforts (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA) and align controls to frameworks (NIST CSF, CIS Controls)
Conduct third‑party/vendor security reviews and support contract/security requirements
Drive security awareness initiatives and phishing simulations; mentor engineers on secure practices
Contribute to business continuity and disaster recovery planning and testing
Automate repetitive tasks and integrations to improve scale and reliability

Requirements

Bachelor’s in Computer Science, Engineering, Information Security, or equivalent practical experience
3+ years of hands-on cybersecurity engineering, blue team, or security operations experience (adjust years for your level)
Strong understanding of networks and protocols (TCP/IP, DNS, HTTP(S)/TLS, routing, VPN, firewalls, Zero Trust concepts)
Practical experience with two or more: SIEM, EDR, IDS/IPS, WAF, CSPM/CIEM, vulnerability scanners, SAST/DAST/SCA, PAM/IGA, PKI
Cloud security experience in at least one major cloud (AWS/Azure/GCP): IAM, network security, KMS, logging/monitoring, security services
Proficiency in scripting/automation (e.g., Python, Bash, PowerShell) and exposure to IaC/Config management (Terraform, CloudFormation, Ansible)
OS administration and hardening (Windows, Linux, macOS) and endpoint security fundamentals
Familiarity with MITRE ATT&CK, common attack techniques, and modern detection strategies
Experience participating in incident response and writing/runbook-level documentation
Knowledge of cryptography basics (encryption at rest/in transit, key rotation, cert management)
Clear communication skills and ability to partner with cross‑functional teams
Must be a US citizen living within the United States.
Must have approved Commercial Personnel Certification in alignment with DoD Cyberspace Workforce Framework (DCWF)
CompTIA Network+, CND, etc., or
A qualifying Academic Degree/Education Certificate
Understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC.

Benefits

Medical/Dental/Vision
Employee Premiums are 100% Company Paid
Life Insurance
Flexible Work Hours
Unlimited Paid Time Off (PTO) with federal government holidays
Competitive Compensation
401k
Company Stock Options
Home Office Setup Budget
Reimbursement for approved trainings and subscriptions
Conferences (travel, lodging, and fees)

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity engineeringthreat modelingvulnerability remediationcloud securityscriptingOS administrationnetwork securityencryptionincident responsesecurity testing

Soft Skills

clear communicationmentoringcollaborationproblem-solvingleadershiporganizational skillsanalytical thinkingattention to detailadaptabilityinitiative

Certifications

CompTIA Network+CNDCommercial Personnel CertificationBachelor’s in Computer ScienceBachelor’s in EngineeringBachelor’s in Information SecurityNIST 800-171NIST 800-53SOC 2ISO 27001