Cyber Security Engineer

About The Position

Requirements

• Bachelor's Degree in Computer Science, Cybersecurity, Information Systems, Software Engineering, or a related technical field
• 7+ years in engineering, security engineering, platform engineering, SRE, vulnerability management, or technical risk roles
• Proven ability to design and influence technical solutions across cross-functional teams
• Hands-on experience with vulnerability management practices, including discovery, prioritization, remediation coordination, exception handling, and risk reporting
• Demonstrated problem-solving skills, analytical thinking, and the ability to explain complex technical risk concepts to non-technical audiences without losing fidelity
• Ability to work independently and as part of a team, operating comfortably between engineering teams and risk stakeholders
• Strong understanding of how risk manifests in distributed systems, cloud platforms, and automation environments
• Infrastructure as Code experience using Terraform
• Configuration management and automation experience using Ansible
• Programming and scripting proficiency in Python
• Hands-on experience with cloud platforms, specifically Google Cloud Platform (GCP) and/or Azure
• Ability to design and implement scalable, automatable security controls and remediation workflows across enterprise technology stacks

Nice To Haves

• Master's Degree in a related field is preferred
• Experience with CI/CD pipelines and policy-as-code implementation
• Knowledge of cloud IAM, networking, and control plane security
• Experience with backup, recovery, and resilience architectures
• Familiarity with observability, logging, and evidence automation for control validation
• Experience with vulnerability scanners, exposure management platforms, and remediation workflow tooling
• Knowledge of ITIL-based IT Service Management (ITSM) practices
• Familiarity with Agentic AI Frameworks for security automation use cases

Responsibilities

• Engineer technical vulnerability risk solutions that reduce operational, cyber, and resilience risk through architecture, automation, and control design.
• Translate vulnerability risk requirements, policies, and standards into implementable technical patterns, guardrails, and reference architectures.
• Prioritize and influence solution design decisions based on risk impact, blast radius, and recovery dependencies.
• Partner with platform, cloud, security, and SRE teams to embed risk controls directly into infrastructure and pipelines.
• Evaluate control effectiveness using technical signals and evidence, not just procedural compliance.
• Support initiatives such as vulnerability discovery, exposure analysis, remediation workflow design, secure cloud architectures, isolated recovery environments, identity and access hardening, and infrastructure resilience.
• Provide technical guidance on risk tradeoffs, recovery sequencing, and dependency-aware system design.
• Work across broad vulnerability management capabilities, including scanners, asset and exposure data sources, prioritization models, remediation tracking platforms, exception workflows, and executive risk reporting.
• Contribute to lightweight process definition where needed—but always in service of enabling better technical outcomes.

Benefits

• Immediate medical, dental, and prescription drug coverage
• Flexible family care, parental leave, new parent ramp-up programs, subsidized back-up child care and more
• Vehicle discount program for employees and family members, and management leases
• Tuition assistance
• Established and active employee resource groups
• Paid time off for individual and team community service
• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
• Paid time off and the option to purchase additional vacation time.