Senior Associate Information Security Consultant

About The Position

Requirements

• Bachelor’s degree or equivalent education, training, and work-related experience.
• Minimum of 5 years of experience in security engineering or related cybersecurity roles.
• Advanced knowledge in cybersecurity principles, theories, and concepts.
• Proven experience in software development lifecycle security practices.
• Advanced knowledge of threat modeling, security testing, and penetration testing.
• Experience implementing and managing complex information security technologies.

Nice To Haves

• Advanced cybersecurity certifications (e.g., CISSP, CISM, CEH, GIAC).
• Experience with security automation, orchestration, and advanced threat detection tools.
• Familiarity with emerging cybersecurity technologies, industry trends, and strategic risk management.

Responsibilities

• Designs and implements cybersecurity solutions that protect critical assets within the job area, contributing to the technical design and implementation approach while following established strategies and patterns.
• Performs threat modeling, security testing, and penetration testing for the platforms and services in scope, using structured analysis to identify and remediate significant vulnerabilities.
• Integrates and configures information security technologies in production environments, implementing and refining configuration patterns, automation, and handoff steps for assigned systems or services.
• Serves as a technical escalation point within the team for challenging security issues, investigating root causes and developing practical, reusable fixes that improve team workflows.
• Evaluates relevant security threats, tools, and design options, and provides input that helps shape technical plans, priorities, and goals for the job area.
• Collaborates closely with product and engineering teammates to apply security architecture guidance, securebydesign practices, and governance controls in daytoday development activities.
• Develops and maintains security baselines, guardrails, and control implementations for systems and applications in the area of responsibility, helping support regulatory and policy compliance.
• Leads the technical execution of incident response and basic forensic activities for services in scope, following playbooks, coordinating tasks with teammates, and suggesting improvements to procedures and tooling.
• Provides guidance, coaching, and informal training to other security engineers and technical teammates, sharing best practices through design and code reviews and knowledgesharing sessions.
• Leads significant security engineering workstreams or endtoend processes within the job area, coordinating contributions from lowerlevel technical professionals and reviewing outputs for quality and alignment.

Benefits

• medical
• dental
• vision
• life insurance
• disability
• accidental death and dismemberment
• tax-preferred savings accounts
• 401k plan
• 10 days of vacation
• 10 sick days
• paid holidays
• defined benefit pension plan
• restricted stock units
• deferred compensation plan