Cybersecurity Engineer

<div><p>We are seeking a<b>Cybersecurity Engineer</b>to design, implement, and maintain security controls that protect the company’s systems, applications, and data. This role requires practical hands‑on technical skills, a collaborative mindset, and the ability to translate security requirements into engineering solutions.</p><h3>Key Responsibilities</h3><h3>Security Engineering&Controls</h3><ul><li>Design, deploy, and maintain security controls and tooling across cloud (AWS, Azure, GCP) and on‑premise environments, including network security, host hardening, endpoint protection, and application security controls.</li><li>Implement and manage identity and access management solutions, least‑privilege models, and secure authentication/authorization mechanisms.</li><li>Integrate security into CI/CD pipelines and automate security testing (SAST, DAST, dependency scanning) and infrastructure-as-code (IaC) security checks.</li></ul><h3>Threat Detection&Incident Response</h3><ul><li>Develop and tune detection rules, alerts, and playbooks for Security Operations using SIEM, EDR, and cloud-native monitoring tools.</li><li>Participate in incident response activities, perform root cause analysis, and implement remediation and prevention measures.</li><li>Collaborate with SOC, IT, and engineering teams to ensure timely containment, eradication, and recovery from security incidents.</li></ul><h3>Secure Architecture&Advisory</h3><ul><li>Advise product and engineering teams on secure design principles, threat modeling, and security requirements for new features and integrations.</li><li>Review architecture and code for security risks, provide actionable recommendations, and help implement secure design patterns.</li><li>Participate in design and architecture reviews to ensure security and compliance requirements are addressed early in the development lifecycle.</li></ul><h3>Vulnerability Management&Continuous Improvement</h3><ul><li>Manage vulnerability scanning, prioritize remediation activities, and coordinate patching and configuration changes with engineering and IT teams.</li><li>Drive continuous improvement through automation of security controls, monitoring, reporting, and incident lessons learned.</li><li>Evaluate and recommend security tools and services to strengthen detection, prevention, and response capabilities.</li></ul><h3>Documentation, Training&Collaboration</h3><ul><li>Develop and maintain security runbooks, architecture diagrams, control documentation, and operational playbooks.</li><li>Provide security awareness, developer‑focused training, and practical guidance to engineering and operations teams.</li><li>Work cross‑functionally to ensure security requirements are integrated into project plans, vendor selections, and deployment workflows.</li></ul><h3>Required Qualifications – Skills&Experience</h3><ul><li>Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent practical experience.</li><li>3+ years of hands‑on experience in cybersecurity engineering, cloud security, DevSecOps, or related roles.</li><li>Practical experience with cloud platforms (AWS, Azure, GCP), containerization (Docker, Kubernetes), and infrastructure‑as‑code (Terraform, CloudFormation).</li><li>Strong knowledge of secure software development practices, application security testing (SAST/DAST), and vulnerability management processes.</li><li>Experience with security tooling such as SIEM, EDR, vulnerability scanners, secrets management, and IAM solutions.</li><li>Solid scripting or programming skills (e.g., Python, Go, Bash) to automate tasks and integrate security tooling.</li><li>Excellent written and verbal communication skills with the ability to document technical controls and communicate with technical and non‑technical stakeholders.</li></ul><h3>Preferred Qualifications</h3><ul><li>Relevant certifications such as CISSP, OSCP, GCP/AWS/Azure security certifications, or equivalent practical credentials preferred.</li><li>Experience working in cloud‑native, DevSecOps environments and integrating security into CI/CD pipelines.</li><li>Prior involvement in incident response, threat hunting, or security operations is advantageous.</li><li>Familiarity with compliance frameworks (SOC 2, ISO 27001, NIST) and experience supporting security controls for audits is a plus.</li></ul><h3>Work Environment&Compensation</h3><ul><li>Full‑time role with a hybrid onsite/remote work model; occasional travel may be required for stakeholder meetings, audit support, or incident response coordination.</li><li>Competitive salary commensurate with experience and a comprehensive benefits package, including health insurance, retirement plan options, and paid time off.</li><li>Opportunities for professional development, certification support, and career progression within Security and Engineering functions.</li><li>Inclusive and respectful workplace culture that values diversity, equity, and work‑life