Cybersecurity Engineer

<p>We are seeking a proactive and detail-oriented <strong>Cybersecurity Engineer</strong> to join our growing security team. In this role, you will be responsible for designing, implementing, and maintaining technical security controls across our cloud infrastructure. You will play a critical role in helping the organization meet and maintain compliance with <strong>SOC 2</strong>, <strong>HIPAA</strong>, and <strong>PCI DSS</strong>, while building scalable defenses that support our DevOps and engineering workflows.</p><p></p><h3><strong>Responsibilities</strong></h3><ul> <li> <strong>Cloud Security Engineering</strong><br> Architect and enforce security best practices for <strong>AWS infrastructure</strong>, including IAM hardening, network segmentation, encryption, monitoring, and access control. </li> <li> <strong>Infrastructure as Code Security</strong><br> Use <strong>Terraform</strong> to define and enforce compliant infrastructure. Maintain guardrails and reusable secure modules to support a security-by-default approach. </li> <li> <strong>Threat Detection &amp; Monitoring</strong><br> Build and tune log pipelines and alerts in <strong>Sumo Logic</strong> to identify misconfigurations, anomalous behavior, and potential threats. </li> <li> <strong>CI/CD and Code Security</strong><br> Collaborate with engineering to embed security into <strong>GitHub</strong> workflows and CI/CD pipelines. Implement controls for code scanning, secrets management, and artifact integrity. </li> <li> <strong>Vulnerability Management</strong><br> Manage and respond to vulnerability findings across cloud, container, and application layers. Prioritize remediation based on risk and regulatory requirements. </li> <li> <strong>Audit &amp; Compliance Engineering</strong><br> Implement and maintain technical controls to meet <strong>SOC 2</strong>, <strong>HIPAA</strong>, and <strong>PCI DSS</strong> requirements. Partner with Compliance and GRC teams during audits and readiness assessments. </li> <li> <strong>Incident Readiness</strong><br> Assist in the development and testing of the incident response plan. Participate in threat simulations and security incident handling. </li> <li> <strong>Security Enablement</strong><br> Support security education, documentation, and enablement efforts across engineering and operations teams.</li> </ul><p><strong>Requirements</strong></p><ul> <li><strong>Required:</strong></li> <ul> <li> 5+ years in cybersecurity engineering, cloud security, or DevSecOps. </li> <li> Deep experience with <strong>AWS</strong> security services (IAM, KMS, VPC, Config, GuardDuty, etc.). </li> <li> Strong proficiency with <strong>Terraform</strong> and Infrastructure as Code best practices. </li> <li> Experience with <strong>Sumo Logic</strong> or equivalent log management tools. </li> <li> Familiarity with securing CI/CD and development workflows in <strong>GitHub</strong>. </li> <li> Demonstrated knowledge and practical experience implementing and maintaining compliance for <strong>SOC 2</strong>, <strong>HIPAA</strong>, and <strong>PCI DSS</strong>. </li> <li> Strong understanding of vulnerability management, threat detection, and response. </li> </ul> <li><strong>Nice to Have:</strong></li> <ul> <li> Experience with Kubernetes security (EKS, container scanning). </li> <li> Experience writing security policies or helping with control mapping. </li> <li> Certifications such as AWS Security Specialty, CISM, CISSP, or GCPN.</li> </ul> </ul><p><strong>Benefits</strong></p><p></p><ul> <li>Health Care Plan (Medical, Dental &amp; Vision)</li> <li>Retirement Plan (401k, IRA)</li> <li>Life Insurance (Basic, Voluntary &amp; AD&amp;D)</li> <li>Paid Time Off (Vacation, Sick &amp; Public Holidays)</li> <li>Family Leave (Maternity, Paternity)</li> <li>Short Term &amp; Long Term Disability</li> <li>Work From Home</li> <li>Stock Option Plan</li> </ul><p></p><p></p><p></p>