Sr Cyber Security Engineer

About The Position

Requirements

• 5+ years of experience partnering with business and technical teams to architect and deliver Cyber solutions
• 5+ years of experience consulting with business teams regarding threat mitigation best practices in one or more technical areas (Perimeter Security, Application Security, Core Systems, EDR, Cloud etc…)
• Explain common threats to components including Network, Cloud, Web and Application environments
• Collaborate with other staff to ensure Cyber requirements are understood and clear during all phases of a project
• Knowledge of best practices in the Cyber Security industry, including remediations for OWASP Top 10, CWE/SANS Top 25, CIS controls, and NIST guidelines
• Technical knowledge in at least one of the above listed Cyber security areas, highlighting your ability to navigate complex challenges
• Give and receive constructive feedback in a team environment, fostering a culture of continual improvement and excellence
• Willingness to provide mentorship to all members of the team
• Strong written/verbal communication and presentation skills with the ability to tailor to both technical, and non-technical audiences
• Experience using diagramming tools to communicate secure designs and controls
• Excellent time management skills to appropriately prioritize multiple concurrent projects

Nice To Haves

• Formal Degree is not required, relevant experience in the above-mentioned areas prioritized
• Experience performing Threat Analysis and modeling leveraging best in industry frameworks such as MITRE ATT&CK, indicating your proficiency in implementing robust security measures
• Experience in Consumer-Facing Applications: Direct experience with security products or services consumed by millions of users, particularly in streaming media, OTT platforms, or digital media services.
• Detailed knowledge of common Cloud Services offered (IaaS, PaaS, SaaS) and the different potential risks posed by each
• Familiarity with security controls such as Cloud Security Matrix, NIST CSF, CIS Critical Security Controls
• Understanding of various data and privacy regulations, including PCI DSS, SOX, HIPAA, GDPR, CCPA
• Experience developing and documenting security guidelines or security best practices
• A firm understanding of Cybersecurity Engineering/Operations, Incident Response, and GRC functions
• Empathy for engineering teams with the ability to balance security guidelines and policies with operational needs to maintain desired end-state corporate security posture

Responsibilities

• Conducting end to end security and threat analysis of enterprise initiatives involving new or modified technology deployments
• Ensuring that they incorporate Information Security best practices and guidelines into system designs
• Functioning as a technical and engineering subject matter expert across various Cyber Security technology areas with a focus on network, application, cloud, and enterprise security controls
• Collaboration across the Cyber organization, partnership with business stakeholders
• Resulting in security guidance and/or mitigation requirements
• Effectively communicate the importance of key Cyber initiatives and services to obtain support, trust and buy-in from the business

Benefits

• medical
• dental
• vision insurance
• 401(k)
• paid leave
• tuition reimbursement
• discounts
• perks