Cyber Security Engineer
Remote - United States
ESSENTIAL FUNCTIONS
- Develop and improve monitoring, reporting, and alerting capabilities that allow the security team to identify, prioritize, and address threats by using research, security tools, scripting, database queries, data manipulation, and report-writing technical skills.
- Develop and maintain threat models to inform and prioritize the risk management activities of the security team.
- Use and maintain vulnerability scanning and penetration testing tools to quickly identify weaknesses across multiple environments and systems at scale.
- Collaborate with clients, auditors, vendors, and the internal security team to develop thorough assessment testing strategies and validate the security posture of multiple layers of environments, from low-level physical to high-level application layers.
- Investigate reported vulnerabilities and risks to qualify and confirm findings and follow established procedures to directly resolve or to assign remediation actions to other functional areas.
- Develop strategies, scripts, configurations, or other manual procedures to reduce security risks across cloud services, servers, network devices, and end-user endpoints.
- Design, deploy, and operate security solutions, including firewalls, intrusion detection, DLP tools, CASBs, and AV/EDR systems, to design, deploy, and maintain configurations and policies that reduce security risks in automated virtual and containerized environments.
- Participate in or lead formalized security incident response procedures as part of a team, including all phases of the incident handling lifecycle, from preparation through lessons learned.
- Collect evidence of security program activities to satisfy client due diligence requests as well as support internal and external audit activities.
KNOWLEDGE, SKILLS, & ABILITIES
- Five (5) years of experience in a relevant technology domain, including security engineering, software engineering, information technology, systems administration, technical fieldwork, or information assurance required.
- Three (3) years of demonstrated experience in designing and implementing controls to manage security risks in a full-time capacity in a containerized, cloud environment as a security engineer, DevSecOps team member, or similar role required.
- Experience with AWS, Linux, Kubernetes, Git, and scripting in Bash and Python required.
- In-depth technical knowledge of cybersecurity tools, techniques, and procedures to identify and analyze threats and devise and monitor technology safeguards to protect sensitive assets.
- Design skills and ability to implement security controls at the operating system, containerization, orchestration, and network levels, including with SELinux, auditd, sshd, iptables, syslog variants, Snort/Suricata, and Zeek.
- Calm and serious attitude, technical aptitude, appropriate sense of urgency, and communication skills to effectively coordinate with internal team members to remediate vulnerabilities and reduce security risks.
- Must be able to pass requisite background checks to access sensitive information.
- Must have strong client orientation and demonstrate professional demeanor that earns the trust and respect of individuals inside and outside Lumin Digital.
- Ability to prioritize tasks, exercise sound judgment and confidentiality with sensitive information.
- Good communication, interpersonal, and presentation skills.
- Ability to work remotely while maintaining a high level of productivity and effectiveness with limited supervision.
- Strong drive to fully understand threats and weaknesses, to continuously improve our posture, and to professionally develop in this quickly-changing career.
EDUCATION
- Bachelor’s Degree in Computer Science, Management Information Systems, Information Assurance, Information Security, Cybersecurity, or related field; or equivalent self-study in cybersecurity with demonstrated command of key concepts and technologies and proficiency in digital forensics, incident response, secure application development, penetration testing, or other technical security risk management domains required.
Tags: AWS Banking Bash CASB Cloud Compliance Computer Science DevSecOps EDR Firewalls Forensics Incident response Intrusion detection IPtables Kubernetes Linux Monitoring Pentesting Python Risk management Scripting Snort Vulnerabilities
Perks/benefits: Career development