Cybersecurity Engineer III

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
• 5–8 years of progressive cybersecurity experience, including at least 2–3 years in a senior security engineering, architecture, or cloud security role with hands-on platform management.
• Expert-level knowledge of SIEM (e.g., Splunk, modern SIEM), EDR/XDR (e.g., CrowdStrike, SentinelOne), next-gen firewalls, IAM, multi-cloud security (AWS, Azure, GCP, O365), and platform administration/optimization.
• Expert level knowledge of log aggregation and data management pipelines (Tenzir, Cribl, Observo)
• Proficiency in scripting/automation (Python, PowerShell, Bash) and IaC tools (Terraform, Ansible).
• Deep understanding of secure architecture, network protocols, Windows/Linux systems, container/Kubernetes security, zero-trust principles, and security product evaluation processes.
• Demonstrated leadership in incident response, vulnerability management, threat hunting, platform management, or deploying/evaluating security technologies.
• Proven experience conducting PoCs, vendor evaluations, or technology enablement initiatives.
• Excellent communication, project management, strategic thinking, and stakeholder influence skills.
• Deep understanding of attacker tactics, threat intelligence, and the MITRE ATT&CK framework.
• Must be able to verify identity and employment eligibility to work in the U.S.
• This position does not offer visa sponsorship.

Nice To Haves

• Advanced certifications such as CISSP, CCSP, CISM, GIAC (GCIA, GCIH), AWS/Azure/GCP Security Specialty, or AI/security-specific credentials.
• Hands-on experience with penetration testing tools (Metasploit, Burp Suite, Kali Linux), AI/ML security tools, quantum-safe cryptography concepts, or formal product evaluation frameworks.
• Prior experience leading teams, cross-functional projects, AI governance/security initiatives, or security platform procurement/evaluation processes.
• Familiarity with supply chain risk management, API security, post-quantum migration planning, and emerging vendor ecosystems.

Responsibilities

• Strategic Security Architecture and Platform Management Design and implement advanced zero-trust architectures with continuous authentication, verification, micro-segmentation, and identity-centric controls across cloud-native and hybrid environments.
• Own the deployment, ongoing management, configuration, optimization, and administration of core security platforms, including next-generation SIEM, EDR/XDR, firewalls, IAM/identity governance, WAF, CSPM, and related tools.
• Lead platform lifecycle activities such as performance tuning, policy development, integration enhancements, and capacity planning to ensure reliability, scalability, and alignment with evolving threats.
• Develop and maintain multi-year security roadmaps that incorporate emerging threats (e.g., AI-powered attacks, quantum risks, supply chain vulnerabilities) while aligning with business objectives and platform innovation needs.
• Advanced Threat Detection and Mitigation Build and refine AI/ML-enhanced detection rules, automated threat-hunting playbooks, and intelligent response orchestration workflows within managed security platforms.
• Lead proactive threat-hunting initiatives to detect and neutralize advanced persistent threats (APTs), AI-generated attacks, insider risks, and supply chain compromises.
• Integrate real-time threat intelligence feeds and AI-driven analytics to improve detection accuracy, reduce false positives, and enable predictive risk mitigation across platforms.
• Incident Response Support complex, high-impact incident response efforts, including containment, forensic analysis using platform telemetry, eradication, recovery, and root-cause investigation.
• Conduct post-incident reviews, develop preventive strategies, and deliver executive-level briefings and reports.
• Coordinate cross-functional response to incidents and emerging attack vectors.
• Vulnerability and Risk Management Oversee enterprise vulnerability management programs, including automated scanning, red team/purple team exercises, and prioritized remediation tracking integrated with security platforms.
• Manage risk remediation in collaboration with IT, DevOps, application, and third-party teams, with focus on software supply chain, API security, and platform-specific exposures.
• Maintain risk registers, compliance reporting, and quantum-readiness assessments to support evolving regulatory and threat landscapes.
• Automation and DevSecOps Integration Automate security controls, workflows, and platform operations using Python, PowerShell, Bash, Ansible, Terraform, and infrastructure-as-code (IaC) tools.
• Embed security-as-code practices into CI/CD pipelines, including automated scans for vulnerabilities, secrets management, AI model security, and platform integrations.
• Drive scalability, efficiency, and innovation in security operations through AI-augmented automation, continuous platform monitoring, and enablement of self-service security capabilities for development teams.
• Innovative Product Evaluations and Enablement Lead evaluation, selection, and enablement of new and emerging security products, technologies, and platforms through structured proof-of-concepts (PoCs), vendor assessments, pilot programs, and comparative testing.
• Define evaluation criteria, coordinate cross-functional PoC execution, analyze results against enterprise requirements (e.g., integration feasibility, performance, cost, AI compatibility), and recommend adoption or enhancements.
• Facilitate enablement activities, including training, documentation, integration roadmaps, and knowledge transfer to operations, DevOps, and end-user teams to accelerate secure adoption of approved platforms and tools.
• Stay ahead of vendor innovations by monitoring market developments and conducting regular technology refresh assessments.
• Strategic Contributions: Ensure alignment with NIST, CIS, PCI DSS, SOC 2, HIPAA, CCPA, GDPR, and emerging AI/quantum-related frameworks.
• Develop, update, and enforce security policies, standards, and procedures, including AI governance, post-quantum cryptography migration plans, and platform management guidelines.
• Lead audit preparation, readiness activities, and responses to internal/external audits.
• Mentor cybersecurity analysts, engineers, and cross-functional teams on advanced practices, platform management, AI security, threat trends, and innovative evaluation methodologies.
• Partner with IT, DevOps, development, procurement, and business units to integrate security by design across systems, applications, AI initiatives, and new platform deployments.
• Contribute to organization-wide cybersecurity awareness, training, and AI ethics programs.

Benefits

• health, dental & vision
• retirement with company contribution
• parental leave
• mental health & wellness benefits
• generous PTO
• sales incentive pay for most sales roles
• annual bonus plan for eligible non-sales roles