Cyber Security Engineer Remote Jobs

12 Results

12d

Cybersecurity Engineer

CIYIS LLCAtlanta, GA Remote
Design

CIYIS LLC is hiring a Remote Cybersecurity Engineer

We are seeking a Cybersecurity Engineer to join our team! You will be responsible for the management and delivery of SaaS applications for a government client. Serves as the Cybersecurity Engineer for a large, complex task order (or a group of task orders affecting the same system) and shall assist the PMO in working with managing customer requirements. Under the responsible for the overall delivery of various FedRAMP and ATO compliance project initiatives while ensuring that the technical solutions and schedules in the task order are implemented in a timely manner. Manages and reports project cost, schedule, and performance.

Responsibilities:

  • Plans, directs, and co-ordinates a group of Cybersecurity activities to manage and implement Cybersecurity project(s) from contract/proposal initiation to final operational stage.
  • Accountable for the monitoring and enforcing compliance to IT and cyber security policies and governing procedures to reduce risk to cyber incidents and potential areas of non-compliance.
  • Responsible for understanding and assessing technology and operational risks related to internal technology solutions and at times, might be asked to provide input to personnel on appropriate controls to address those risks.
  • Leads the project/program team(s) in determining client requirements and translating requirements into operational plans.
  • Ensures adherence to legally binding requirements and client’s long-term goals. Facilitates status review meetings among project team members and clients.
  • Works with the PMO on project/program proposals, bids, contracts, estimates, and schedules.
  • Maintains awareness on emerging technologies and project/program management techniques.
  • Provides Cybersecurity leadership in the design, build and overseeing of the security architectures, security engineering life cycle, infrastructure & network, and computer security for an organization.
  • Provides Cybersecurity leadership in the vulnerability testing, risk analyses and security assessments of local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices according to security standards, security systems and authentication protocols.
  • Provides Cybersecurity leadership in the definition, implementation, and maintenance of enterprise security policies and procedures.
  • Provides Cybersecurity leadership in the response to security-related incidents and follow(s) industry best practices in a thorough post-event analysis.
  • Provides Cybersecurity leadership in the architecture review and risk & impact assessment for the critical information assets.

Qualifications:

  • Previous experience in ERP information technology and/or other related fields
  • Demonstrated leadership experience in projects of similar size and complexity
  • Six years general IT experience
  • Six years cybersecurity experience
  • Must possess a DOD Secret Clearance and be eligible for an IT-II upon assignment.
  • Must possess certification meeting the DOD 8570.01 IAM level III
  • Nice to have a Risk Management Professional credential
  • Strong knowledge of RMF

Education & Clearance Requirements:

  • 4 Year degree in computer sciences, Information Technology, or equivalent experience
  • Candidate must posses the ability to maintain a government security clearance.
  • No visa sponsorship available.

    CIYIS is an Equal Opportunity Employer and all Qualified Applicants will receive consideration for employment without regard to Race, Color, Religion, Sex, National Origin, Disability Status, Protected Veteran Status or any other Characteristic Protected by Law.

    See more jobs at CIYIS LLC

    Apply for this job

    16d

    Cybersecurity Engineer

    ClientSolvTechnologiesDallas, TX, Remote
    Design

    ClientSolvTechnologies is hiring a Remote Cybersecurity Engineer

    Job Description

    We are seeking an experienced and CISSP certified Cybersecurity Engineer for a 3 month contract-to-hire role.  This role can work remotely from anywhere within the U.S. 

    In this role, you will apply Information Technology (IT) security principles, methods and security products to protect and maintain the availability, integrity, confidentiality and accountability of   IT resources and physical security access of property and personnel. You will be accountable for executing assigned tasks to implement the goals of the organization's Information Security initiatives, on time and within approved budget.

    Essential Duties and Responsibilities:

    • Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.
    • Develops, documents and maintains methodology for sensitive and critical application and general support for IT security systems.
    • Researches technical and IT security topics; maintains information on industry trends.
    • Collaborates with others in the Company (i.e. Information Technology engineers, Network Engineers, etc) to perform design review and analysis of network infrastructure modifications.
    • Develops policies, procedures and maintains scripts, routines and software for accomplishing security studies and assessments to provide professional level analysis in recognizing system threats and vulnerabilities; detects malware or malicious activities.
    • Periodically reviews firewall and router rules and access control lists.
    • Monitors and reviews intrusion detection systems and firewall logs to identify adverse patterns and coordinate mitigation responses.
    • Performs security assessments, risk identification and mitigation planning and execution.
    • Leads vulnerability management efforts and actively participates in patch management and risk management processes.
    • Participates in emergency operations, including the Computer Security Incident Response Team.
    • Responsible for PKI Infrastructure management and support - User and Server Authentication
    • Draft policy based on NIST, FISMA, PCI, PII and CJIS compliance.
    • Ensures processes and procedures are developed, documented, maintained and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory require

       

    Qualifications

    • 5+ years of professional experience as a Cybersecurity Engineer
    • Experience working with Technical tools and implementing them such as
      • Identity Access Management
      • Privilege Access Management Identity Access Management
      • Vulnerability Management
      • Threat Hunting
    • Must have CISM, CISA, CRIS, CISSP, or similar certification
    • SIEM tools -Splunk
    • BS in Information Technology or equivalent combination of directly applicable experience and certification
    • Strong experience working with market standard Vulnerability Assessment tools
    • Must have experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation
    • Experience with policy and process documentation
    • Understanding of DNS, DHCP and LDAP
    • System hardening experience utilizing STIGs, CIS or USGCB
    • Security Incident Response experience
    • Strong oral and written communication abilities with experience writing policies
    • Must possess strong analytical and troubleshooting skills
    • Must be able to serve as a technical resource to IT staff

    Apply for this job

    20d

    IT Security Engineer

    Timocom GmbHErkrath, Germany, Remote

    Timocom GmbH is hiring a Remote IT Security Engineer

    Stellenbeschreibung

    Als IT Security Engineer (m/w/d) bei TIMOCOM erarbeitest du gemeinsam mit deinem Team Maßnahmen, Konzepte und Richtlinien zur kontinuierlichen Verbesserung des Betriebs- und Sicherheitsniveaus.

    • Dabei bist du für die Definition, Einführung, sowie Weiterentwicklung und Implementierung von IT-Sicherheitsvorgaben verantwortlich.
    • Für den IT-Betrieb evaluierst und betreust du IT-Sicherheitslösungenund identifizierst IT-Sicherheitsrisiken sowie Schwachstellen.
    • Du konzipierst Sicherheitsanforderungen für Web-Applikationen und etablierst einen Secure Software Development Lifecycle.
    • Zudem führst du Sicherheitsprüfungen und Sicherheitsanalysen der IT-Infrastruktur durch.
    • Du berätst Softwareentwicklern sowie Fachbereiche und Projektgruppen zu Themen der IT-Sicherheit und empfiehlst Maßnahmen zur Steigerung des IT-Sicherheitsniveaus.
    • Es steht dir frei, entweder 100 Prozent remote zu arbeiten oder flexibel unsere TEAMocom Spaces vor Ort zu nutzen.

    Qualifikationen

    • Du bringst mehrjährige Berufserfahrung im Bereich der IT-Sicherheit mit.
    • Mit Client- und Server-Betriebssystemen wie Microsoft und Unix kennst du dich bestens aus.
    • Zudem bringst du fundiertes Wissen zur sicheren Konfiguration und Überwachung der Office 365 Cloudmit.
    • Du hast ein gutes Verständnis für Best-Practices der IT-Sicherheit, sowie für Netzwerk- und Betriebssystem-Architekturen (z.B. ISO 27001, ISO 22301).
    • Bestenfalls konntest du erste Erfahrungen im Bereich von Pentesting und Red Teaming sammeln.
    • Damit du dich in deinem Team gut verständigen kannst, bringst du gute Deutsch- und Englischkenntnisse mit.

    See more jobs at Timocom GmbH

    Apply for this job

    25d

    Senior Cloud Security Engineer

    StockXRemote, USA
    Bachelor's degreeterraformsqlDesignazuredockerkubernetespythonAWS

    StockX is hiring a Remote Senior Cloud Security Engineer

    Help empower our global customers to connect to culture through their passions.

    Why you’ll love this role

    This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team.  This team is responsible for leading efforts to enhance the security of the cloud infrastructure and applications all across StockX. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. They provide ongoing engineering support for security systems in our cloud native environment.  This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.

    What you’ll do

    • Partner with the Platform Engineering and IT teams to design, implement, and manage security measures for our AWS & Azure cloud infrastructure.
    • Collaborate with cross-functional teams to automate and expedite integration of security best practices into the entire development lifecycle, from design to deployment.
    • Use available tooling to assess risks and vulnerabilities and implement strategies to mitigate and remediate identified security risks.
    • Automate enforcement security of policies and related controls for AWS cloud services and data protection.
    • Monitor and respond to security incidents, conduct investigations, and implement incident response procedures as needed with confidentiality and professionalism.
    • Design and implement identity and access management (IAM) solutions for secure access control.
    • Partner with other teams to ensure IAM controls are part of a defense in depth strategy
    • Ensure the continuing operation and effectiveness of key identity and access management controls
    • Stay abreast of the latest cloud security trends, threats, and vulnerabilities, and implement proactive measures to address emerging risks.
    • Possess knowledge of reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and Docker supported by other engineering teams.
    • Provide mentorship and guidance to junior members of the security team.
    • Ability to quickly analyze logs and configurations using; Python, JQ, cURL, etc.
    • Integrate application security tooling within the existing CI/CD environment to improve application security.

    About you

    • 4-7 years of relevant security experience.
    • Bachelor's degree preferred but not required.
    • Cyber security certifications preferred e.g. CISSP, CISM, Security +, AWS Security
    • Strong experience with cloud native environments and with multiple cloud services providers
    • Experience with scripting across multiple cloud providers and infrastructure APIs to analyze security posture and configurations.
    • Detailed understanding of cloud and network security
    • Experience reading other engineer’s code across a number of languages to identify security issues.
    • Understanding of modern cloud technology components and deployment patterns: containers, Kubernetes, serverless, infrastructure as code, etc.
    • Experience with OAuth/SAML techniques and OIDC
    • Deep understanding of Identity & Access Management security controls and tooling
    • Strong understanding of securing distributed cloud and on-premesis networks using security groups, network ACLs, VPNs, and WAFs among other technologies
    • Strong understanding of security monitoring tools for cloud environments such as CSPM, CASB, cloud audit logs such as AWS Cloudtrail, etc
    • Strong understanding of application security tools such as Snyk, Sonarcloud, Dependabot or Renovate, GitGuardian, etc 
    • Technical understanding of how threats like Spam, Phishing, DDoS Attacks, Brute Force Attacks, SQL Injections, XSS are executed and how to protect against them across an organization.

     

    Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

    Pursuant to the various pay transparency laws/acts, the base salary range is $140,000 to $160,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.

    About Us

    StockX is proud to be a Detroit-based technology leader focused on the large and growing online market for sneakers, apparel, accessories, electronics, collectibles, trading cards, and more. StockX's powerful platform connects buyers and sellers of high-demand consumer goods from around the world using dynamic pricing mechanics. This approach affords access and market visibility powered by real-time data that empowers buyers and sellers to determine and transact based on market value. The StockX platform features hundreds of brands across verticals including Jordan Brand, adidas, Nike, Supreme, BAPE, Off-White, Louis Vuitton, Gucci; collectibles from artists including KAWS and Takashi Murakami; and electronics from industry-leading manufacturers Sony, Microsoft, Nvidia, and Apple. Launched in 2016, StockX employs more than 1,000 people across offices and verification centers around the world.
     
     
    We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. However, this job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position. StockX reserves the right to amend this job description at any time.

    See more jobs at StockX

    Apply for this job

    +30d

    Sr. Security Compliance Analyst

    snowflakecomputingRemote, NC, USA
    5 years of experiencejiraazurec++AWS

    snowflakecomputing is hiring a Remote Sr. Security Compliance Analyst

    Build the future of data. Join the Snowflake team.

    Since Snowflake handles a wide variety of data for its customers, Snowflake has implemented a disciplined and strategic data protection program. The Senior Security Compliance Analyst is an extremely high-visibility, internal-facing champion within the Snowflake Security team, responsible for two primary objectives:

    • Partner with internal Snowflake development and operations teams to implement the highest level of rigor in security controls implementation, within our Snowflake Service product and our organization
    • Support Snowflake Security Compliance programs, obligations, and audits, ensuring that the Snowflake Service product meets the widest selection of cybersecurity compliance frameworks

    AS A SENIOR SECURITY COMPLIANCE ANALYST AT SNOWFLAKE YOU WILL :

    • Engage with Engineering and Corporate IT Systems teams to ensure that production and corporate environments are regularly scanned for vulnerabilities, and that vulnerabilities are remediated within established deadlines
    • Identify, triage, and track progress on remediation for all vulnerability findings derived from scans, penetration tests, and reported by 3rd-party partners and customers
    • Ensure that risk management security controls are implemented consistently, and operating as expected, in accordance with the Snowflake Common Controls Framework
    • Assist engineers and product managers in developing and implementing appropriate risk management security controls to meet all applicable industry security frameworks and regulatory requirements
    • Support the development and operations of automated security tools by regularly engaging with security engineers who develop effective means to monitor, alert, and report on the security posture of the Snowflake Data Cloud in real time
    • Become an expert on the security features available for customers to deploy within the Snowflake Data Cloud, including best practices for implementation
    • Engage with engineering development teams to evaluate the compliance impact as part of the SDLC process, identifying security weaknesses in proposed solutions, and working with our Product Security team in evaluating the effectiveness of security products
    • As a Subject Matter Expert, support the initial development of, and maturity updates for, security policies and procedures 
    • Work with personnel across the Global Security Compliance & Risk (GSCR) team to ensure achievement of overall team objectives

    OUR IDEAL SENIOR SECURITY ANALYST MUST HAVE :

    • At least 4-5 years of experience directly working in support of vulnerability detection, management, and remediation efforts, ideally in cloud environments
    • Experience working with and implementing risk management security controls for NIST 800-53 controls. FedRAMP experience is a plus.
    • Self-motivated problem solver who is eager to identify and learn the latest security technologies 
    • Comfortable engaging with numerous stakeholders within a high-paced and complex engineering, production, and corporate enterprise environment
    • Technical competence sufficient to understand and explain the impact of detected vulnerabilities to various Snowflake stakeholders who possess varying levels of cybersecurity skill and understanding
    • Experience using vulnerability management tools such as Tenable.io, Tenable.sc, Wiz, and Orca, including how to configure scanning tools to ensure that all resources are being successfully scanned
    • Experience in creating Web Application Scans (WAS) and developing remediation recommendations based upon scan results
    • Demonstrated understanding and working knowledge of analyzing vulnerabilities using the Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), and Common Weakness Enumeration (CWE) frameworks, to triage and assign appropriate risk categorizations to identified vulnerabilities
    • General experience with cloud computing concepts and architectures

    OUR IDEAL SENIOR SECURITY ANALYST MIGHT ALSO HAVE :

    • Experience working with and implementing risk management security controls with additional frameworks such as PCI-DSS, SOC 1/2, HITRUST, IRAP, etc.
    • Familiarity and understanding of implementing CIS Benchmarks 
    • Familiar with workflow management systems such as Jira and ServiceNow
    • Data analytics or database experience
    • Knowledge of AWS, Microsoft Azure, and/or Google Cloud
    • Achievements that demonstrate candidate is extremely detail oriented
    • Achievements that demonstrate exceptional written and verbal communication skills
    • CISSP, CISM, CISA, or similar certification

    See more jobs at snowflakecomputing

    Apply for this job

    +30d

    Senior IT Security Engineer (remote)

    ClientSolvTechnologiesDenver, CO, Remote
    Design

    ClientSolvTechnologies is hiring a Remote Senior IT Security Engineer (remote)

    Job Description

    We are seeking an experienced and CISSP certified Cybersecurity Engineer for a 6 month contract-to-hire role.  This role can work remotely from anywhere within the U.S. 

     

    In this role, you will apply Information Technology (IT) security principles, methods and security products to protect and maintain the availability, integrity, confidentiality and accountability of   IT resources and physical security access of property and personnel. You will be accountable for executing assigned tasks to implement the goals of the organization's Information Security initiatives, on time and within approved budget.

    Essential Duties and Responsibilities:

    • Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.
    • Develops, documents and maintains methodology for sensitive and critical application and general support for IT security systems.
    • Researches technical and IT security topics; maintains information on industry trends.
    • Collaborates with others in the Company (i.e. Information Technology engineers, Network Engineers, etc) to perform design review and analysis of network infrastructure modifications.
    • Develops policies, procedures and maintains scripts, routines and software for accomplishing security studies and assessments to provide professional level analysis in recognizing system threats and vulnerabilities; detects malware or malicious activities.
    • Periodically reviews firewall and router rules and access control lists.
    • Monitors and reviews intrusion detection systems and firewall logs to identify adverse patterns and coordinate mitigation responses.
    • Performs security assessments, risk identification and mitigation planning and execution.
    • Leads vulnerability management efforts and actively participates in patch management and risk management processes.
    • Participates in emergency operations, including the Computer Security Incident Response Team.
    • Responsible for PKI Infrastructure management and support - User and Server Authentication
    • Draft policy based on NIST, FISMA, PCI, PII and CJIS compliance.
    • Ensures processes and procedures are developed, documented, maintained and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory require

    Qualifications

    • CISM, CISA, CRIS, CISSP, or similar certification required.
    • BS in Information Technology or equivalent combination of directly applicable experience and certification
    • Minimum 5 years’ direct Cybersecurity Engineer or information assurance experience
    • Strong experience working with market standard Vulnerability Assessment tools
    • Must have experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation
    • Experience with policy and process documentation
    • Understanding of DNS, DHCP and LDAP
    • System hardening experience utilizing STIGs, CIS or USGCB
    • Security Incident Response experience
    • Strong oral and written communication abilities with experience writing policies
    • Must possess strong analytical and troubleshooting skills
    • Must be able to serve as a technical resource to IT staff

    Apply for this job

    +30d

    Senior IT Security Engineer

    ClientSolvTechnologiesLos Angeles, CA, Remote
    Design

    ClientSolvTechnologies is hiring a Remote Senior IT Security Engineer

    Job Description

    We are seeking an experienced and CISSP certified Cybersecurity Engineer for a 6 month contract-to-hire role.  This role can work remotely from anywhere within the U.S. 

     

    In this role, you will apply Information Technology (IT) security principles, methods and security products to protect and maintain the availability, integrity, confidentiality and accountability of   IT resources and physical security access of property and personnel. You will be accountable for executing assigned tasks to implement the goals of the organization's Information Security initiatives, on time and within approved budget.

    Essential Duties and Responsibilities:

    • Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.
    • Develops, documents and maintains methodology for sensitive and critical application and general support for IT security systems.
    • Researches technical and IT security topics; maintains information on industry trends.
    • Collaborates with others in the Company (i.e. Information Technology engineers, Network Engineers, etc) to perform design review and analysis of network infrastructure modifications.
    • Develops policies, procedures and maintains scripts, routines and software for accomplishing security studies and assessments to provide professional level analysis in recognizing system threats and vulnerabilities; detects malware or malicious activities.
    • Periodically reviews firewall and router rules and access control lists.
    • Monitors and reviews intrusion detection systems and firewall logs to identify adverse patterns and coordinate mitigation responses.
    • Performs security assessments, risk identification and mitigation planning and execution.
    • Leads vulnerability management efforts and actively participates in patch management and risk management processes.
    • Participates in emergency operations, including the Computer Security Incident Response Team.
    • Responsible for PKI Infrastructure management and support - User and Server Authentication
    • Draft policy based on NIST, FISMA, PCI, PII and CJIS compliance.
    • Ensures processes and procedures are developed, documented, maintained and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory require

    Qualifications

    • CISM, CISA, CRIS, CISSP, or similar certification required.
    • BS in Information Technology or equivalent combination of directly applicable experience and certification
    • Minimum 5 years’ direct Cybersecurity Engineer or information assurance experience
    • Strong experience working with market standard Vulnerability Assessment tools
    • Must have experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation
    • Experience with policy and process documentation
    • Understanding of DNS, DHCP and LDAP
    • System hardening experience utilizing STIGs, CIS or USGCB
    • Security Incident Response experience
    • Strong oral and written communication abilities with experience writing policies
    • Must possess strong analytical and troubleshooting skills
    • Must be able to serve as a technical resource to IT staff

    Apply for this job

    In All Media Inc is hiring a Remote Cyber Security Engineer

    The candidate must be proficient in:

    • Understanding and background with Intrusion Detection Systems and SIEM products.
    • Background in Incident Response.
    • Understanding and background with Firewalls and Networking.
    • Background in multiple Operating Systems and Cloud Environments. Linux, Windows, AWS, Azure.
    • Excellent written and verbal communication skills in English.

    Key Responsibilities

    • Conduct or coordinate vulnerability scans, and penetration tests on systems, document findings, and recommend risk mitigation strategies.
    • Operate, administer and monitor network and host-based intrusion detection/prevention systems.
    • Assist other technical support staff in identifying and implementing appropriate security safeguards, including patch application and anti-malware strategies.
    • Analyze network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies, and potential security breaches.
    • Develop scripts, tools, and procedures to automate scans, assessments, and other monitoring and discovery activities.
    • Perform other duties as assigned.

    See more jobs at In All Media Inc

    Apply for this job

    +30d

    Cyber Security Engineer - Vulnerability Management

    TestProsRemote (with some travel to Norfolk VA Area), VA
    swiftqarubyc++

    TestPros is hiring a Remote Cyber Security Engineer - Vulnerability Management

    Cyber Security Engineer - Vulnerability Management - TestPros - Career Page

    Talent Acquisition Concepts is hiring a Remote Cybersecurity Engineer

    Looking for challenging and rewarding work alongside some the best in the business? Energized by finding new solutions and technologies that benefit your clients, improve efficiency, and make buildings and the environment better? Eager to work in a setting where you can make a difference, be involved from strategy through implementation, and can see your ideas come to life? Do you thrive in an environment where initiative is rewarded with opportunity? If your answer to these questions was a “Yes” then our client may be the right fit for you.

    And a few more things -- are you flexible in your work schedule and work location? Our work allows for some work from home, but it also requires us to be hands-on for our clients when and where they need us. Are you up for a little adventure? Our client performs work in some interesting places well worth visiting, and you might want in on that.

    The Work:

    The Cybersecurity Engineer is a Subject Matter Expert in applying the Risk Management Framework (RMF) and will be responsible for managerial direction and development of one or more projects under the supervision of the Cybersecurity Program Manager. The Project Manager will manage and interface with key clients and cultivate effective relationships with existing and potential stakeholders and partners to develop business, prepare proposals, negotiate contracts, and oversee the successful delivery of projects. This position works collaboratively with the Program Manager and other team members to support network discovery, developing hardware/software lists, and developing network diagrams. As part of a multi-disciplinary team the Project Manager will advise, implement, and manage cybersecurity and control system solutions for SCADA, HVAC, Fire Alarm/Life Safety Systems, and Electronic Security Systems and ensure projects are aligned, and closely with leadership in the successful growth and management of the program, ensuring that financial goals and objectives are maximized.

    • Oversee the application of the RMF to client systems
    • Provide project capabilities in design, network system documentation, and identification of FRCS and IT components
    • Lead and perform logical scans to locate FRCS components and assess network architecture and connectivity
    • Lead the completion of detailed network diagrams and network dataflow diagrams
    • Implement risk management programs for our federal clients
    • Enhance cyber awareness with clients and project teams
    • Work alongside federal clients to help them mitigate risk with the use of continuous monitoring and incident response
    • Establish security controls to ensure the protection of client systems
    • Implement cutting edge security tools for our federal clients
    • Create, implement, and maintain project plans for on-going and new initiatives
    • Document meetings minutes and action items and disseminate to meeting participants
    • Monitor status of action items through effective tracking tools and communication of progress and assist with closing of action items
    • Create, draft, and review project documentation

    Here's What You Need:

    • 7+ years of experience performing network discovery, developing hardware/software lists, and developing network diagrams.
    • Strong leadership skills with experience managing teams
    • In-depth experience implementing the Risk Management framework
    • IT/OT network design experience
    • Experience designing and configuring servers, switches, workstations.
    • Experience designing and programming control system devices.
    • Experience working with RMF and NIST 800-53
    • Experience working with UFGS 25 05 11
    • Experience working with cyber security tools
    • Bachelor’s Degree in computer science, cybersecurity, or related engineering field or equivalent combination of training and experience
    • AT Level II Certification Required (CCNA-Security, GICSP, GSEC, Security+ CE, or SSCP certification), AT Level III Certification Preferred (CISSP)
    • Certifications in Cisco, Juniper, Moxa, and/or other Network Switches Preferred
    • Certifications in MS Windows Server, Active Directory, Enterprise OS Preferred
    • Certifications in Linux Operating Systems Preferred
    • Project Management Professional (PMP) Preferred
    • Registered Communications Distribution Designer (RCDD) Preferred

    Equal Employment Opportunity Statement

    Talent Acquisition Concepts is an Equal Opportunity Employer. We do not discriminate against anyone because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion, or sexual orientation.

    Talent Acquisition Concepts is committed to providing veteran employment opportunities to our service men and women.

    Other Employment Statements

    Applicants for employment must be US citizens and be able to pass security screens, up to Top Secret level, due to the nature of who we work for.

    Applicants must be able to work a full day on a project site, combined sitting, standing, walking, and in front of the monitor. We can guarantee you won’t be bored!

    Applicants must be able to stand, climb ladders, stairs, and get to wherever the problem is so you can see it for yourself.

    See more jobs at Talent Acquisition Concepts

    Apply for this job

    +30d

    Senior Cloud Security Engineer

    SemperisRemote, United States
    terraformazureapipythonAWS

    Semperis is hiring a Remote Senior Cloud Security Engineer

    Description

    Semperis focuses on creating an employee experience that is aligned with our vision—being a Force for Good— starting with being a good workplace. Semperis is recognized as one of America’s Fastest-Growing Cybersecurity Companies on the Inc. 5000 List, a DUNS 100 top Start Up to work for and Inc. Best Workplace for multiple years.  


    Semperis is seeking a Senior Cloud Security Engineer who is passionate about the ever-evolving field of cybersecurity and is dedicated to enhancing our cloud security posture while enabling the organization to operate efficiently and securely. If you are a proactive, detail-oriented security professional with a strong engineering background, we encourage you to apply and become a part of our dynamic security team.

    As the Senior Cloud Security Engineer at Semperis, you will play a pivotal role in ensuring that our utilization of public cloud providers' tools and infrastructure adheres to industry-leading security best practices and aligns with our company policies. You will leverage your expertise to define and implement essential security controls while staying abreast of emerging threats and evolving security frameworks.

    Qualifications and Responsibilities:

    • 5+ Years of Engineering Experience:Proven track record in an engineering organization, with a specific focus on modern operations, maintenance, and security.
    • Automation Enthusiast:A passion for automation, with a knack for identifying workflow improvements that reduce manual processes and the ability to develop scalable tools as the company's needs expand.
    • Network Proficiency:Knowledge of modern internet networking constructs, including reverse proxies, API gateways, Application Gateways, Web Application Firewalls (WAFs), and cloud firewalls.
    • Cybersecurity Expertise:A keen interest in learning about modern cloud security and information security threats, mitigation strategies, and control frameworks.
    • Continuous Learning:Dedication to staying current with security advisories, industry publications, security conferences, and influential security researchers.
    • Effective Communication:Strong communication skills to articulate complex technical concepts to non-technical stakeholders.
    • Cloud Experience:Direct hands-on experience with cloud platforms such as Azure, AWS, Google Cloud Platform (GCP) is a plus.
    • Infrastructure as Code (IAC):Familiarity with Infrastructure as Code (IAC) tools like Terraform, Bicep, and CloudFormation.
    • Scripting Proficiency:Scripting abilities in languages like Python and PowerShell.
    • Highly Organized:Exceptional organizational skills, capable of managing multiple high-priority projects concurrently.

    Position Expectations:

    • Pragmatic Cloud Security Controls:Implement business-focused controls that safeguard Semperis cloud accounts, services, and associated data.
    • Configuration Management:Identify control weaknesses and implement tools to manage configurations, ensuring necessary reporting, detection, and response capabilities.
    • User Empowerment:Facilitate self-service access to cloud accounts for Semperis employees without unnecessary barriers or gates.
    • Cross-Training:Collaborate with Semperis Security and Engineering teams to provide cloud controls training and promote best practices.
    • Risk Mitigation:Understand threats, risks, and control gaps, and work with Security Leadership to develop plans for advocacy and education to scale security solutions.
    • Stakeholder Engagement:Maintain relationships with Product Managers and Company Leadership to ensure Cloud Security Policy decisions are practical and aligned with business goals.
    • Performance Metrics:Develop actionable metrics and feedback loops for your areas of ownership, driving continuous improvement in cloud security.

     

    With teams around the world, you’ll be working alongside top global talent in Cybersecurity and Identity Access Management.

     

    Semperis is proud to be an Equal Opportunity Employer: 

    Semperis is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, creed, national origin or ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, marital status, or any other legally recognized protected basis under federal, state, or local law. The information collected by this application is solely to determine suitability for employment, verify identity, and maintain employment statistics on applicants.

     Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Semperis. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to otherwise participate in the application process.



    #LI-AO1
    #LI-Remote

    See more jobs at Semperis

    Apply for this job

    +30d

    Cloud Security Engineer

    Personio+10 more Munich, Madrid, Remote Germany, London, Dublin, Remote Spain, Remote Ireland, Amsterdam, Remote Netherlands, Remote, Remote UK, Berlin, Barcelona, Remote Berlin, Remote Barcelona
    kotlinterraformtypescriptkubernetespythonAWS

    Personio is hiring a Remote Cloud Security Engineer

    The Role

    At Personio, your work transforms the way thousands of people experience work every day. Join our Security Team that protects our customer's data. Designing, developing and delivering innovative and high security controls and technology. Be empowered to take ownership of your areas and make an impact on your team, our product, and our internal customers.

    Security is a first class priority in Personio, and we are looking for an experienced Cloud Security Engineer to join our Product & Engineering organization on the mission to implement best in class infrastructure security controls and automation practices. Personio processes highly sensitive data for thousands of customers, and security is a cornerstone of all processes, empowering us to build a fortified foundation for our customer success. Our Security Team is expanding to serve the needs of our customers and our internal engineering teams. You will partner with the infrastructure engineering teams and SREs in a hands-on fashion to ensure that Personio infrastructure is designed and built securely.

    You mission

    • Identify risks on the scope of Cloud Security and propose scalable solutions for it.

    • Interface with our Site Reliability Engineering team to ensure we get the most security impact while complementing the SREs goals to deliver a scalable on-demand infrastructure by being the subject matter expert (SME) in security.

    • Implement security control that prevents misconfigurations of cloud resources, security observability of best practices about cloud infrastructure.

    • Update and improve Cloud Security Standards by working with the SRE team, detecting drift between standards and provisioned infrastructure in production.

    • Participate in security operations, responding to security incidents and providing security expertise for Personio customers and internal stakeholders. 

    • Keep yourself up to date about the cloud native technologies that Personio uses and how it overall impacts security.

    • Provide guidance inside the Security team on the golden path for provisioning infrastructure.

    • Support security operations by expanding the ingestion of critical log sources. 


    What you need to succeed
    • BS in Computer Science, Information Security, System administration or equivalent professional experience.

    • Good understanding of security fundamentals (CIA triad) and computer networks (OSI model, TLS)

    • Development experience in any modern programming language or scripting skills (E.g: Typescript, Python, Go,  Kotlin, Bash,, etc.).

    • Proven track record of experience with AWS. Experience with other CSPs are a plus.

    • Familiarity with the shared responsibility model.

    • Experience with shipping infrastructure changes with baseline quality on tests, scalability and security.

    • Experience with container orchestration. Kubernetes and ECS is a plus.

    • Demonstrated capacity to work with CI pipelines, preferable Gitlab CI/CD.

    • Experience with any paradigm of Infrastructure-as-Code (IaC), preferable Terraform, Cloudformation. Any experience with AWS CDK is a plus.

    • Experience with DevOps culture.

    • Capacity to execute investigations and troubleshoot problems in a multi-account architecture. 

    • Excellent English written and verbal communication skills and the ability to adapt messaging to executive, technical, and non-technical audiences.

    • Ability to drive and support technical, security and architectural infrastructure reviews. 

    • Ability to work with a high degree of autonomy.

    Why Personio

    Aside from our people, culture, and mission, there are a variety of additional benefits that help make Personio a great place to work! Work with us and receive:


    • A competitive compensation package that includes salary, benefits, and pre-IPO equity

    • 28 days of paid vacation, plus another additional day after 2 and 4 years (because we love what we do, but we also love vacation!)

    • 2 Impact Days you can use to have an impact on the environment and society –  one for an individual project of your choice and one for a company-wide initiative! #SocialResponsibility

    • Find your best way to work with our office-led, remote-friendly PersonioFlex! 

    • Annual personal development budget of €1,000 for conferences, courses, books, career coach, etc.

    • Regular company and team events

    • High-impact working environment with flat hierarchies and short decision-making processes

    • Receive generous family leave, child support, mental health support, and sabbatical opportunities with PersonioCares

    • Save money with corporate discounts across brands like Adidas, LG, Bosch, Apple, and more

    • Comprehensive healthcare and dental coverage for each permanent employee (excluding taxes)

    • Invest in your retirement via the Personio Pension Scheme, with a Personio match of up to 5%, depending on the geo-location.

    • Subsided Gym membership: Access multiple fitness studios and sports facilities (dependent on the location)

    • A vast choice of working locations: Munich, Berlin, Dublin, Madrid, Barcelona, Amsterdam… All with amenities like professional espresso machines, free drinks and snacks, and indoor and outdoor break spaces

    About us
    Bring your best. Make your mark. We’re using technology to revolutionize the way HR operates so that we can transform the way millions of people experience work every day. We move fast, challenge the status quo, and support our people as they shape their careers.  
     
    With over 10,000 customers and a team of 1,800 in seven offices across Europe, now is the perfect time to join! We believe in hiring driven people who want to make an impact. So bring your best, and let’s build the future of HR technology together.  
     
    Personio is an equal opportunities employer, committed to building an integrative culture where everyone feels welcomed and supported. We #EmbraceUniqueness and understand that our diverse, values-driven culture makes us stronger. We are proud to have an inclusive workplace environment that will foster your development no matter your gender, civil status, family status, sexual orientation, religion, age, disability, education level, or race.
     
     
     

    See more jobs at Personio

    Apply for this job