Cybersecurity Consultant / vCISO
Strata Information Group
CloudCyber Security
Cybersecurity Engineer
Istari
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $98,400 - $147,600 per year
Job Level
Mid-LevelSenior
Tech Stack
AnsibleAWSAzureCloudCyber SecurityDNSFirewallsGoogle Cloud PlatformKubernetesLinuxMacOSPythonSDLCTCP/IPTerraform
About the role
- Lead security design and threat modeling for new and existing systems (cloud, application, data, network)
- Implement and manage core controls: IAM/SSO, least privilege, network segmentation, encryption and key management, secrets management, endpoint and email security
- Build and operate detection and response capabilities: SIEM/EDR/SOAR, log pipelines, alert tuning, use-case development, threat hunting
- Own vulnerability remediation: scanning, triage, risk-based prioritization, remediation with product/IT teams, tracking to closure
- Strengthen application and cloud security: SAST/DAST/SCA, secure SDLC, CI/CD guardrails, IaC scanning, container/Kubernetes runtime protections, CSPM/CIEM
- Coordinate and support security testing: internal reviews, penetration tests, red/purple team, tabletop exercises; drive remediation and lessons learned
- Lead/participate in incident response: triage, containment, eradication, recovery, forensics, root-cause analysis, post-incident reports and runbooks
- Define and maintain security standards, baselines, hardening guides, and architecture diagrams
- Monitor and report security metrics, KPIs/KRIs, and risk posture to stakeholders
- Support audits and compliance efforts (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA) and align controls to frameworks (NIST CSF, CIS Controls)
- Conduct third‑party/vendor security reviews and support contract/security requirements
- Drive security awareness initiatives and phishing simulations; mentor engineers on secure practices
- Contribute to business continuity and disaster recovery planning and testing
- Automate repetitive tasks and integrations to improve scale and reliability
Requirements
- Bachelor’s in Computer Science, Engineering, Information Security, or equivalent practical experience
- 3+ years of hands-on cybersecurity engineering, blue team, or security operations experience
- Strong understanding of networks and protocols (TCP/IP, DNS, HTTP(S)/TLS, routing, VPN, firewalls, Zero Trust concepts)
- Practical experience with two or more: SIEM, EDR, IDS/IPS, WAF, CSPM/CIEM, vulnerability scanners, SAST/DAST/SCA, PAM/IGA, PKI
- Cloud security experience in at least one major cloud (AWS/Azure/GCP): IAM, network security, KMS, logging/monitoring, security services
- Proficiency in scripting/automation (e.g., Python, Bash, PowerShell) and exposure to IaC/Config management (Terraform, CloudFormation, Ansible)
- OS administration and hardening (Windows, Linux, macOS) and endpoint security fundamentals
- Familiarity with MITRE ATT&CK, common attack techniques, and modern detection strategies
- Experience participating in incident response and writing/runbook-level documentation
- Knowledge of cryptography basics (encryption at rest/in transit, key rotation, cert management)
- Clear communication skills and ability to partner with cross‑functional teams
- Must be a US citizen living within the United States.
- Understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC.
Benefits
- Medical/Dental/Vision
- Employee Premiums are 100% Company Paid
- Life Insurance
- Flexible Work Hours
- Unlimited Paid Time Off (PTO) with federal government holidays
- Competitive Compensation
- 401k
- Company Stock Options
- Home Office Setup Budget
- Reimbursement for approved trainings and subscriptions
- Conferences (travel, lodging, and fees)
- Note - some benefits are not available to interns or contractors.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity engineeringthreat modelingvulnerability remediationcloud securityscriptingOS administrationencryptionincident responsenetwork securitysecurity testing
Soft skills
clear communicationmentoringcollaborationproblem-solvingleadership
Certifications
Bachelor’s in Computer ScienceISO 27001SOC 2PCI DSSHIPAA
