Cyber Security Engineer

Astound Broadband, Portland, OR
$70,000 - $90,000

About The Position

The Cyber Security Engineer is responsible for the design, implementation, and continuous improvement of the organization's security architecture and controls, and for monitoring, detecting, analyzing, and responding to cyber security threats. This role operates within the Security Operations function and plays a critical part in threat detection, incident response, vulnerability management, and the continuous improvement of the organization's security posture, from design through implementation.

Requirements

  • 7+ years of Cyber Security experience.
  • Demonstrated experience investigating and responding to attacks in progress.
  • Expertise with Identity & Access Management, Endpoint Detection and Response (EDR), and Multi-Factor Authentication.
  • Experience with NGFW, IDS/IPS, WAF, Proxy, PKI and Advanced Threat Protection, cloud, automation, and scripting.
  • Ability to juggle multiple priorities where you are the driving force, ensuring completion and on-time delivery.
  • Excellent written and verbal communication skills in a clear business relevant manner that is adjusted to the audience; up, down and across the organization.
  • Proven independent decision-making in high-stress environments.
  • Ability to collaborate with, mentor, and train members of the team.
  • Demonstrated passion for security and the self-motivation to become an expert.
  • Proven ability to rapidly learn and retain new technologies.
  • Excellent interpersonal, customer support, verbal and technical writing skills; be a self-starter with the ability to achieve deadline-driven priorities.
  • Demonstrated ability to collaborate and work in a team environment, exhibit professional initiative, self-direction, willingness, and ability to document knowledge and share with others is required.
  • Strong communication skills and creativity as a problem solver are a must.
  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).

Responsibilities

  • Lead and oversee 24/7 security operations, including monitoring, detection, triage, and incident response across enterprise environments (endpoint, network, identity, and cloud).
  • Own the end-to-end incident response lifecycle (identification, containment, eradication, recovery, and post-incident analysis), ensuring rapid, consistent, and high-quality execution.
  • Drive root cause analysis, blast radius determination, and implementation of corrective and preventive actions.
  • Establish, maintain, and continuously improve incident response playbooks, escalation procedures, and operational runbooks to enhance response effectiveness and reduce dwell time.
  • Act as the primary escalation point for high-severity or complex security incidents, providing technical leadership, decision-making authority, and real-time guidance during active events.
  • Lead advanced threat hunting operations using hypothesis-driven methodologies, leveraging EDR/XDR telemetry, SIEM data, network traffic, identity signals, and threat intelligence aligned to MITRE ATT&CK.
  • Design, develop, and optimize detection engineering capabilities, including SIEM correlation rules, behavioral analytics, and custom detections to improve coverage and reduce false positives.
  • Drive integration and tuning of security technologies (e.g., CrowdStrike, SIEM, SOAR, vulnerability scanners), ensuring alignment to enterprise risk priorities and operational efficiency.
  • Define and track key SOC performance metrics (e.g., MTTD, MTTR, alert fidelity, containment time) to measure operational effectiveness and drive continuous improvement.
  • Lead cross-functional coordination during incidents, partnering with IT, infrastructure, cloud, legal, HR, and executive leadership to ensure effective response and communication.
  • Translate technical incidents into business impact, delivering clear, concise updates to leadership and facilitating decision-making at the executive level.
  • Oversee vulnerability management efforts by correlating scan results with asset criticality, exploitability, and threat intelligence to drive risk-based prioritization.
  • Lead post-incident reviews, tabletop exercises, and continuous improvement initiatives to strengthen organizational resilience and reduce repeat incidents.
  • Mentor and develop SOC analysts and incident responders, establishing investigation standards, quality controls, and career development pathways.
  • Ensure proper evidence handling, forensic integrity, and audit-ready documentation aligned with regulatory frameworks (e.g., NIST, CMMC, PCI).
  • Identify emerging threats, adversary trends, and attack patterns, and operationalize insights into improved detections, controls, and defensive strategies.
  • Analyze alerts to determine legitimacy and potential impact.
  • Identify indicators of compromise (IOCs) and attacker tactics, techniques, and procedures (TTPs).
  • Escalate confirmed threats in accordance with established playbooks and procedures.
  • Perform initial triage and investigation of security incidents.
  • Other duties as assigned.
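
The risk-based vulnerability prioritization described in the responsibilities above, as an added example that is not part of this posting or of any Astound tooling: scanner findings are re-ranked by multiplying the CVSS score by an asset-criticality weight and boosting for active exploitation, public exploit code, and internet exposure. The asset inventory, threat-intel set, weighting policy, and findings are all constructed for illustration, and the vulnerability IDs are placeholders rather than real CVEs.

```python
"""Risk-based vulnerability prioritization (added illustration).

Rank scanner findings by CVSS severity weighted by asset criticality,
then boosted by exploitability and exposure signals. Every data set in
this file is constructed; the VULN-* identifiers are placeholders, not
real CVEs, and the weights are a hypothetical policy, not a standard.
"""
from dataclasses import dataclass

# Constructed asset inventory: host -> criticality tier and internet exposure.
ASSETS = {
    "billing-db-01": {"tier": "crown-jewel", "exposed": False},
    "web-portal-02": {"tier": "high", "exposed": True},
    "dev-jump-07": {"tier": "low", "exposed": False},
}

# Constructed threat-intel feed: vulnerability IDs reported as actively exploited.
ACTIVELY_EXPLOITED = {"VULN-0002"}

# Hypothetical weighting policy; tune to the organization's risk appetite.
TIER_WEIGHT = {"crown-jewel": 2.0, "high": 1.5, "medium": 1.0, "low": 0.5}
EXPLOITED_BOOST = 2.0        # active exploitation outranks raw severity
PUBLIC_EXPLOIT_BOOST = 1.5   # public exploit code, but no reports of use
EXPOSED_BOOST = 1.2          # reachable from the internet


@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str
    cvss: float            # scanner-reported CVSS base score, 0-10
    exploit_public: bool   # public exploit code available


def risk_score(f: Finding, assets=ASSETS, exploited=ACTIVELY_EXPLOITED) -> float:
    """CVSS x asset criticality, multiplied by exploitability and exposure boosts.

    Hosts missing from the inventory are treated as medium-tier and not
    exposed; in practice an unknown host is itself an inventory finding.
    """
    asset = assets.get(f.host, {"tier": "medium", "exposed": False})
    score = f.cvss * TIER_WEIGHT[asset["tier"]]
    if f.vuln_id in exploited:
        score *= EXPLOITED_BOOST
    elif f.exploit_public:
        score *= PUBLIC_EXPLOIT_BOOST
    if asset["exposed"]:
        score *= EXPOSED_BOOST
    return round(score, 2)


def prioritize(findings, assets=ASSETS, exploited=ACTIVELY_EXPLOITED):
    """Return (score, finding) pairs ordered highest risk first."""
    scored = [(risk_score(f, assets, exploited), f) for f in findings]
    scored.sort(key=lambda pair: pair[0], reverse=True)
    return scored


# Constructed scanner output.
SAMPLE_FINDINGS = [
    Finding("billing-db-01", "VULN-0001", 9.8, exploit_public=False),
    Finding("web-portal-02", "VULN-0002", 7.5, exploit_public=True),
    Finding("dev-jump-07", "VULN-0003", 9.0, exploit_public=True),
    Finding("lab-vm-99", "VULN-0004", 10.0, exploit_public=False),
]

if __name__ == "__main__":
    for score, f in prioritize(SAMPLE_FINDINGS):
        print(f"{score:6.2f}  {f.host:15} {f.vuln_id} cvss={f.cvss}")
```

With this policy the 7.5-severity finding on the exposed, actively exploited web host outranks the 9.8 on the internal database, and the 9.0 on the low-tier jump host drops to the bottom; that reordering is the point of correlating scan output with asset criticality and threat intelligence instead of sorting by CVSS alone.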

Benefits

  • 401k retirement plan, with employer match
  • Insurance options including: medical, dental, vision, life and STD insurance
  • Paid Time Off/Vacation: Starting at 80 hours per year, and increases based on tenure with the organization
  • Floating Holiday: 40 hours per year
  • Paid Holidays: 7 days per year
  • Paid Sick Leave: Astound provides a number of paid sick hours per calendar year; the amount varies based on state and/or local laws
  • Tuition reimbursement program
  • Employee discount program
© 2026 Teal Labs, Inc