Cyber Security Engineer

Summary

We’re seeking a Cyber Security Engineer with strong expertise in both application security architecture and cybersecurity tooling implementation. This role bridges hands-on technical security work with strategic design — ensuring that applications, services, and platforms are built securely from the ground up while continuously improving the organization’s security stack through automation, integration, and operational excellence.

Responsibilities

Application Security & Architecture

• Partner with development and enterprise architecture teams to design secure application architecture standards and establish and enforce secure coding practices.
• Conduct threat modeling, application security reviews, and design-level risk assessments.
• Integrate security into the SDLC and CI/CD pipelines, including SAST, DAST, dependency scanning, and secret management.
• Develop and maintain standards, patterns, and reusable components for secure microservices, APIs, and cloud-native architectures.
• Support modern frameworks (e.g., containerized applications, REST APIs, cloud functions) with tailored security guidance and tooling.

Cybersecurity Tooling Implementation & Operations

• Implement, integrate, and manage core cyber defense and application security tools (e.g., SIEM, SOAR, vulnerability management, secrets management, application scanning, and cloud security posture tools).
• Automate detection, alerting, and response workflows using scripting or orchestration frameworks.
• Partner with multiple teams (networking, applications, etc) and Security Operations teams to optimize tool coverage and minimize alert fatigue through effective use cases and tuning.
• Develop dashboards and metrics showing coverage, findings, and remediation trends.
• Lead continuous improvement initiatives focused on efficiency, reliability, and risk reduction through technology adoption.

Requirements

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent hands-on experience).
• 3–7 years of experience in security engineering, with emphasis on application security and security tool administration.
• Proficiency in one or more programming or scripting languages (Python, Java, or Go).
• Hands-on experience with cloud platforms (AWS, Azure, or GCP) and their native security services.
• Familiarity with CI/CD security integrations (GitHub Actions, Jenkins, GitLab CI, etc.).
• Experience with tools such as Snyk, Palo Alto, Burp Suite, Tenable, Abnormal, Sentinel, Wiz, or Realiaquest.
• Strong understanding of OWASP Top 10, software supply chain security, and identity architectures.
• Excellent communication and cross-team collaboration skills.
• Experience with OT environments, operations and

Preferred Certifications

• CISSP, CSSLP, or MS Security Certifications
• GIAC GWAPT, GCSA, or GDSA

Success in This Role

You will thrive in this position if you:

• Enjoy building security into the architecture rather than enforcing it as an afterthought.
• Can balance innovation with practical risk management.
• Are comfortable working across development, operations, and governance teams to drive security maturity forward.
• Strong understanding of how to build and balance security and compliance
• Proficient with Microsoft stack to include Azure, Powershell, and Defender
• Proficient in OT security to include operational differences between IT and OT.

Key skills/competency

• Application Security
• Security Architecture
• SDLC Security
• CI/CD Security
• Cloud Security
• Security Tooling
• Automation
• Threat Modeling
• Vulnerability Management
• Risk Management