Cyber Security Engineer Remote Jobs

15 Results

1d

Staff Cloud Security Engineer

TubiSan Francisco, CA; Remote
Designc++kubernetesAWS

Tubi is hiring a Remote Staff Cloud Security Engineer

Join Tubi (www.tubi.tv), Fox Corporation's premium ad-supported video-on-demand (AVOD) streaming service leading the charge in making entertainment accessible to all. With over 200,000 movies and television shows, including a growing library of Tubi Originals, 200+ local and live news and sports channels, and 455 entertainment partners featuring content from every major Hollywood studio, Tubi gives entertainment fans an easy way to discover new content that is available completely free. Tubi's library has something for every member of our diverse audience, and we're committed to building a workforce that reflects that diversity. We're looking for great people who are creative thinkers, self-motivators, and impact-makers looking to help shape the future of streaming.

About the Role:

The Tubi Security team is responsible for securing Tubi and Adrise applications and infrastructure. As a member of the Tubi Security team, the Staff Cloud Security Engineer will be responsible for securing the cloud infrastructure of both applications. Candidates for this should have a passion for reducing security risks in a cloud environment while building great partnerships with key stakeholders and engineers. 

Responsibilities:

  • Design, implement, and maintain secure architecture and infrastructure components, including networks, systems, and cloud environments, in accordance with industry best practices and regulatory requirements
  • Develop and deploy security controls and monitoring systems to detect and prevent security threats, intrusions, and vulnerabilities
  • Conduct and perform security reviews, threat models, and security assessments to identify and remediate security weaknesses
  • Build automation and tools for security fixes and policy enforcement
  • Participate in incident response, red/blue team exercises, and vulnerability triage 

Qualifications:

  • 8+ years of experience in cybersecurity with a focus on cloud and infrastructure security
  • Deep understanding of cloud security architecture (AWS preferred) and network security
  • Hands-on experience with SIEM, WAF and DDOS prevention tools
  • An understanding of security best practices, frameworks and principles such as OWASP Top 10, NIST CSF, SLSA Framework, and zero-trust
  • Great understanding of modern cloud technology components and deployment pattern such as containers, Kubernetes, infrastructure as code, etc
  • Experience performing threat models and risk assessments
  • Familiarity with compliance and privacy regulations such as SOX and GDPR
  • Excellent communication and problem solving skills with proven ability to collaborate effectively with technical and non-technical stakeholders

#LI-MQ1 

Pursuant to state and local pay disclosure requirements, the pay range for this role, with final offer amount dependent on education, skills, experience, and location is is listed annually below. This role is also eligible for an annual discretionary bonus, long-term incentive plan, and various benefits including medical/dental/vision, insurance, a 401(k) plan, paid time off and other benefits in accordance with applicable plan documents.

California, New York City, Westchester County, NY, and Seattle, WA
$181,000$259,000 USD
Colorado and Washington (excluding Seattle, WA)
$162,000$232,000 USD

Tubi is a division of Fox Corporation, and the FOX Employee Benefits summarized here, covers the majority of all US employee benefits.  The following distinctions below outline the differences between the Tubi and FOX benefits:

  • For US-based non-exempt Tubi employees, the FOX Employee Benefits summary accurately captures the Vacation and Sick Time.
  • For all salaried/exempt employees, in lieu of the FOX Vacation policy, Tubi offers a Flexible Time off Policy to manage all personal matters.
  • For all full-time, regular employees, in lieu of FOX Paid Parental Leave, Tubi offers a generous Parental Leave Program, which allows parents twelve (12) weeks of paid bonding leave within the first year of the birth, adoption, surrogacy, or foster placement of a child. This time is 100% paid through a combination of any applicable state, city, and federal leaves and wage-replacement programs in addition to contributions made by Tubi.
  • For all full-time, regular employees, Tubi offers a monthly wellness reimbursement.

Tubi is proud to be an equal opportunity employer and considers qualified applicants without regard to race, color, religion, sex, national origin, ancestry, age, genetic information, sexual orientation, gender identity, marital or family status, veteran status, medical condition, or disability. Pursuant to the San Francisco Fair Chance Ordinance, we will consider employment for qualified applicants with arrest and conviction records. We are an E-Verify company.

See more jobs at Tubi

Apply for this job

6d

IT Security Engineer

Mindoula Health IncUnited States Remote
5 years of experienceDesignazuremetallinuxAWS

Mindoula Health Inc is hiring a Remote IT Security Engineer

The IT Security Engineer will be responsible for maintaining and improving the security of our production environments and systems, including cloud. We are looking for a motivated, passionate, and hands-on expert in security operations and architecture. Our ideal candidate will drive the reduction of risk while enabling the business to move quickly and safely.

Location...

This is a 100% remote position in the United States. Applicants must be authorized to work for any employer in the US. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

What you'll do...

  • Discover, validate, and remediate security issues across IaaS, SaaS, and PaaS systems according to industry standards.
  • Build, deploy, document, and manage production security tools and services to monitor networks, endpoints, and cloud workloads.
  • Design, document, and operate scalable processes to provision cloud access and maintain least-privilege.
  • Build and maintain low-touch, production-quality cloud infrastructure using state-of-the-art enterprise DevSecOps practices.
  • Design, create, document, review, and consult on processes and tools that enable the engineering teams to build secure, reproducible, and productive container/VM/bare metal images.
  • Partner closely with security leadership, compliance, and engineering to execute on security strategies.
  • Assess and propose solutions regarding security to leadership.
  • Perform architectural and design reviews through the security lens and provide timely, actionable requirements and recommendations.
  • Perform security reviews of applications, systems, and third parties.
  • Perform security auditing and compliance functions in support of security frameworks, such as NIST and HITRUST.

What you'll need...

  • Bachelor’s degree in information technology preferred.
  • 5 years of experience in the security field, with 3+ years of experience working with AWS or Azure
  • 2+ years of Linux experience preferred.
  • Excellent communication and presentation skills.
  • A positive attitude and the ability to work effectively in a team-oriented environment and independently.
  • Ability to translate business needs into requirements and implement solutions.

About Mindoula...

Mindoula is a next generation population health management company that identifies, engages, and serves populations with complex behavioral health, medical, and social challenges across the continuum of care. By using technology to “scale the human connection,” Mindoula helps health plans, health systems, hospitals, and provider groups extend their reach and achieve their value-based service delivery goals. At Mindoula, we address the full range of behavioral health challenges. We deploy tech-enabled teams of case managers, care managers, community health workers, peer support specialists, therapists, and psychiatrists to provide 24/7 support to even the most complex and underserved behavioral health populations.

See more jobs at Mindoula Health Inc

Apply for this job

6d

Cyber Security Engineer

DatapriseRemote
azure

Dataprise is hiring a Remote Cyber Security Engineer

Cyber Security Engineer - Career Page

See more jobs at Dataprise

Apply for this job

8d

Cyber Security Engineer - Vulnerability Management

TestProsRemote (with some travel to Norfolk VA Area), VA
swiftqarubyc++

TestPros is hiring a Remote Cyber Security Engineer - Vulnerability Management

Cyber Security Engineer - Vulnerability Management - TestPros - Career PageNon-citizen al

See more jobs at TestPros

Apply for this job

8d

Cybersecurity Engineer

Talent Acquisition ConceptsArlington, VA Remote
Designlinux

Talent Acquisition Concepts is hiring a Remote Cybersecurity Engineer

Looking for challenging and rewarding work alongside some the best in the business? Energized by finding new solutions and technologies that benefit your clients, improve efficiency, and make buildings and the environment better? Eager to work in a setting where you can make a difference, be involved from strategy through implementation, and can see your ideas come to life? Do you thrive in an environment where initiative is rewarded with opportunity? If your answer to these questions was a “Yes” then our client may be the right fit for you.

And a few more things -- are you flexible in your work schedule and work location? Our work allows for some work from home, but it also requires us to be hands-on for our clients when and where they need us. Are you up for a little adventure? Our client performs work in some interesting places well worth visiting, and you might want in on that.

The Work:

The Cybersecurity Engineer is a Subject Matter Expert in applying the Risk Management Framework (RMF) and will be responsible for managerial direction and development of one or more projects under the supervision of the Cybersecurity Program Manager. The Project Manager will manage and interface with key clients and cultivate effective relationships with existing and potential stakeholders and partners to develop business, prepare proposals, negotiate contracts, and oversee the successful delivery of projects. This position works collaboratively with the Program Manager and other team members to support network discovery, developing hardware/software lists, and developing network diagrams. As part of a multi-disciplinary team the Project Manager will advise, implement, and manage cybersecurity and control system solutions for SCADA, HVAC, Fire Alarm/Life Safety Systems, and Electronic Security Systems and ensure projects are aligned, and closely with leadership in the successful growth and management of the program, ensuring that financial goals and objectives are maximized.

  • Oversee the application of the RMF to client systems
  • Provide project capabilities in design, network system documentation, and identification of FRCS and IT components
  • Lead and perform logical scans to locate FRCS components and assess network architecture and connectivity
  • Lead the completion of detailed network diagrams and network dataflow diagrams
  • Implement risk management programs for our federal clients
  • Enhance cyber awareness with clients and project teams
  • Work alongside federal clients to help them mitigate risk with the use of continuous monitoring and incident response
  • Establish security controls to ensure the protection of client systems
  • Implement cutting edge security tools for our federal clients
  • Create, implement, and maintain project plans for on-going and new initiatives
  • Document meetings minutes and action items and disseminate to meeting participants
  • Monitor status of action items through effective tracking tools and communication of progress and assist with closing of action items
  • Create, draft, and review project documentation

Here's What You Need:

  • 7+ years of experience performing network discovery, developing hardware/software lists, and developing network diagrams.
  • Strong leadership skills with experience managing teams
  • In-depth experience implementing the Risk Management framework
  • IT/OT network design experience
  • Experience designing and configuring servers, switches, workstations.
  • Experience designing and programming control system devices.
  • Experience working with RMF and NIST 800-53
  • Experience working with UFGS 25 05 11
  • Experience working with cyber security tools
  • Bachelor’s Degree in computer science, cybersecurity, or related engineering field or equivalent combination of training and experience
  • AT Level II Certification Required (CCNA-Security, GICSP, GSEC, Security+ CE, or SSCP certification), AT Level III Certification Preferred (CISSP)
  • Certifications in Cisco, Juniper, Moxa, and/or other Network Switches Preferred
  • Certifications in MS Windows Server, Active Directory, Enterprise OS Preferred
  • Certifications in Linux Operating Systems Preferred
  • Project Management Professional (PMP) Preferred
  • Registered Communications Distribution Designer (RCDD) Preferred

Equal Employment Opportunity Statement

Talent Acquisition Concepts is an Equal Opportunity Employer. We do not discriminate against anyone because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion, or sexual orientation.

Talent Acquisition Concepts is committed to providing veteran employment opportunities to our service men and women.

Other Employment Statements

Applicants for employment must be US citizens and be able to pass security screens, up to Top Secret level, due to the nature of who we work for.

Applicants must be able to work a full day on a project site, combined sitting, standing, walking, and in front of the monitor. We can guarantee you won’t be bored!

Applicants must be able to stand, climb ladders, stairs, and get to wherever the problem is so you can see it for yourself.

See more jobs at Talent Acquisition Concepts

Apply for this job

10d

Cyber Security Engineer

In All Media IncArgentina Remote
linuxAWS

In All Media Inc is hiring a Remote Cyber Security Engineer

The candidate must be proficient in:

  • Understanding and background with Intrusion Detection Systems and SIEM products.
  • Background in Incident Response.
  • Understanding and background with Firewalls and Networking.
  • Background in multiple Operating Systems and Cloud Environments. Linux, Windows, AWS, Azure.
  • Excellent written and verbal communication skills in English.

Key Responsibilities

  • Conduct or coordinate vulnerability scans, and penetration tests on systems, document findings, and recommend risk mitigation strategies.
  • Operate, administer and monitor network and host-based intrusion detection/prevention systems.
  • Assist other technical support staff in identifying and implementing appropriate security safeguards, including patch application and anti-malware strategies.
  • Analyze network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies, and potential security breaches.
  • Develop scripts, tools, and procedures to automate scans, assessments, and other monitoring and discovery activities.
  • Perform other duties as assigned.

See more jobs at In All Media Inc

Apply for this job

13d

Cybersecurity Engineer

Applaudo StudiosBogotá, Colombia, Remote

Applaudo Studios is hiring a Remote Cybersecurity Engineer

Job Description

About you:

You are someone who wants to influence your own development. You’re looking for a company where you have the opportunity to pursue your interests and be able to grow professionally.

You bring to Applaudo the following competencies:

  • 7+ years IT security or information security experience with a proven ability to engage with Senior Management and auditors.
  • Bachelor’s Degree in a relevant technical field highly recommended.
  • 4+ years of hands-on Information Security experience including execution of penetration tests, vulnerability assessments and SOC/Incident Response.
  • OSCP (Offensive Security Certified Professional) required.
  • OSWE (Offensive Security Web Expert) is a plus.
  • Must possess capabilities in one or more of the following vulnerability scanning solutions: Tenable, Rapid7, Qualys.
  • Strong written and verbal communication, presentation, and technical writing skills, coupled with a strong interest in further developing CyberSecurity skills.
  • Ability and comfort level researching current and emerging issues, including regulations, industry practices, and new technologies.
  • Excellent teamwork skills.
  • Multi-task with minimum supervision, uphold commitments made.
  • Self-learner capable of independent study of new concepts and tools.

You will be accountable for the following responsibilities:

  • Perform security testing of corporate assets and cloud infrastructure, analyze issues, and assess the risks associated with identified vulnerabilities, and facilitate remediation activities across the enterprise,
  • Coordinate Penetration Testing activities with third party vendors.
  • Review and develop Incident Response plan and procedures, IR playbooks, prepare for tabletop exercises.
  • Configure and operate the company’s SIEM solution ensuring full logs coverage, developing dedicated dashboards and alerts.
  • Support the security incidents investigations and response to ensure 24/7 coverage and operations.
  • Support compliance activities primarily achieving SOC 2 compliance.
  • Contribute to the creation and delivery of security trainings.
  • Take full responsibility for tasks including constantly reviewing your own work to identify and improve your own approach for producing quality work products.
  • Complete work in a timely manner and take responsibility for all work outputs.
  • Provide feedback to the broader IT team about new or emerging technologies, threats, and relevant solutions.
  • Seek, develop, and present ideas to the team.

Qualifications

See more jobs at Applaudo Studios

Apply for this job

18d

Cyber Security Engineer

Torc RoboticsRemote - US
Bachelor's degree10 years of experienceDesignc++

Torc Robotics is hiring a Remote Cyber Security Engineer

About the Company

At Torc, we have always believed that autonomous vehicle technology will transform how we travel, move freight, and do business.

A leader in autonomous driving since 2007, Torc has spent over a decade commercializing our solutions with experienced partners. Now a part of the Daimler family, we are focused solely on developing software for automated trucks to transform how the world moves freight.

Join us and catapult your career with the company that helped pioneer autonomous technology, and the first AV software company with the vision to partner directly with a truck manufacturer.

Meet the Team:

As the Safety and Cybersecurity Team, we contribute to a key area of Torcs products. We ensure that the product is designed considering the state of the art in safety and cybersecurity for road vehicles building on standards like ISO26262, ISO21448 and ISO21434. 

What you will do:

  • Provide strong cyber security systems engineering processes and methods to ensure optimum protection of Torc systems from cyber threats, working across teams involved with development and commercialization of software, hardware and infrastructure
  • Lead cyber security activities for Torc in compliance with ISO 21434, UNECE WP.29, and Torc cyber security development processes in collaboration with external teams
  • Lead the Threat Analysis and Risk Assessment (TARA) in collaboration with the functional safety team and lead the team for TARA updates. Base the TARA on the safety goals found in the ISO 26262 HARA
  • Lead the security concept development as well as the security requirements development and requirements review 
  • Collaborate with system design and architecture development teams on specification development for our Autonomous Trucking program.  Support the systems team in developing the security architecture for product lines  
  • Coach teams in implementing the cyber security requirements and provide guidance and support for the incident response team and support incident response activities as assigned 
  • Interface and drive implementation of cybersecurity concept in design phase and cultivate awareness of incident response in the engineering team and grow the cyber security culture 
  • Support the development of cyber security requirements for autonomous trucks
  •  Based on the performed product cybersecurity activities you prove the compliance with ISO/SAE 21434 withing a security case
  • Track cyber security issues and support activities for their closure (vulnerability management) 

What you will need to succeed:

  • Bachelor's degree in Systems Engineering, Computer Science, Electrical Engineering, Robotics, or related field
  • Experience developing cybersecurity requirements
  • Strong understanding of ISO 26262 and 21434 
  • Minimum 10 years of experience in an engineering related field
  • Complex hardware knowledge and expert software knowledge
  • Communication technologies and protocols (Ethernet, CAN)
  • Low Level OS and Middleware knowledge
  • Automotive cybersecurity experience 

Bonus Points!

  • Masters degree preferred
  • Experience with Autonomous Vehicles or ADAS

Perks of Being a Full-time Torc’r  

Torc cares about our team members and we strive to provide benefits and resources to support their health, work/life balance, and future. Our culture is collaborative, energetic, and team focused. Torc offers:     

  • A competitive compensation package that includes a bonus component and stock options  
  • 100% paid medical, dental, and vision premiums for full-time employees    
  • 401K plan with a 6% employer match  
  • Flexibility in schedule and generous paid vacation (available immediately after start date) 
  • Company-wide holiday office closures  
  • AD+D and Life Insurance
Hiring Range for Job Opening 
US Pay Range
$168,800$202,600 USD

At Torc, we’re committed to building a diverse and inclusive workplace. We celebrate the uniqueness of our Torc’rs and do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, veteran status, or disabilities.

Even if you don’t meet 100% of the qualifications listed for this opportunity, we encourage you to apply. We’re always looking for those that are hungry, humble, and people smart and your unique experience may be a great fit for this role or others.

See more jobs at Torc Robotics

Apply for this job

22d

Staff Cybersecurity Engineer

Torc RoboticsBlacksburg, VA; Remote, US
Master’s DegreeBachelor's degree10 years of experienceDesignc++python

Torc Robotics is hiring a Remote Staff Cybersecurity Engineer

About the Company

At Torc, we have always believed that autonomous vehicle technology will transform how we travel, move freight, and do business.

A leader in autonomous driving since 2007, Torc has spent over a decade commercializing our solutions with experienced partners. Now a part of the Daimler family, we are focused solely on developing software for automated trucks to transform how the world moves freight.

Join us and catapult your career with the company that helped pioneer autonomous technology, and the first AV software company with the vision to partner directly with a truck manufacturer.

Meet the team:  

As the Safety and Cybersecurity Team, we contribute to a key area of Torc's products. We ensure that the product is designed considering the state of the art in safety and cybersecurity for road vehicles building on standards like ISO26262, ISO21448 and ISO21434. 

What you will do: 

  • Provide strong cyber security systems engineering processes and methods to ensure optimum protection of Torc systems from cyber threats, working across teams involved with development and commercialization of software, hardware and infrastructure. 
  • Lead cyber security activities for Torc in compliance with ISO 21434, UNECE WP.29, and Torc cyber security development processes in collaboration with external teams 
  • Lead the Threat Analysis and Risk Assessment (TARA) in collaboration with the functional safety team and lead the team for TARA updates. Base the TARA on the safety goals found in the ISO 26262 HARA 
  • Lead thesecurity concept development as well as the security requirements development and requirements review 
  • Collaborate with system design and architecture development teams on specification development for our Autonomous Trucking program.  Support the systems team in developing the security architecture for product lines   
  • Coach teams in implementing the cyber security requirements 
  • Provide guidance and support for the incident response team and support incident response activities as assigned 
  • Cultivate awareness of incident response in the engineering team.  
  • Grow the cyber security culture 
  • Leadthe Cyber Security Plan 
  • Lead the CS process definition andalign to the Automotive SPICE compliant processes at Torc 
  • Support the SW cyber security tool qualification process 
  • Provide training for ISO 21434 
  • Track cyber security issues and support activities for their closure (vulnerability management)  
  • Interface with external vendors and suppliers to ensure cyber security compliance 
  • Support quality engineering team in answering cyber security related questions
  • Continually improve by staying up to date in cyber security technologies
  • Support the development of cyber security requirements for autonomous trucks  

What you will need to succeed: 

  • Bachelor's degree in systems engineering,computer Science,electricalengineering,robotics, or related field and: 
  • Minimum 10 years of experience in engineering or related field 
  • Experience working with ISO 21434 
  • Complex Hardware knowledge 
  • Communication technologies and protocols (Ethernet, CAN) 
  • Low Level OS and Middlewareknowledge 
  • Ability to read code (C/C++, Python) 
  • Automotive industryexperience 
  • Distributed and centralized ECUarchitectures 

Bonus Points! 

  • Master’s Degree or PhD. Preferred 
  • Experience with Autonomous Vehicles or ADAS 

Perks of Being a Full-time Torc’r  

Torc cares about our team members and we strive to provide benefits and resources to support their health, work/life balance, and future. Our culture is collaborative, energetic, and team focused. Torc offers:     

  • A competitive compensation package that includes a bonuscomponentand stock options   
  • 100% paid medical, dental, and vision premiums for full-time employees     
  • 401K plan with a 6% employer match   
  • Flexibility in schedule and generous paid vacation (availableimmediatelyafter start date)  
  • Company-wide holiday office closures   
  • AD+D and Life Insurance 
Hiring Range for Job Opening 
US Pay Range
$168,800$202,600 USD

At Torc, we’re committed to building a diverse and inclusive workplace. We celebrate the uniqueness of our Torc’rs and do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, veteran status, or disabilities.

Even if you don’t meet 100% of the qualifications listed for this opportunity, we encourage you to apply. We’re always looking for those that are hungry, humble, and people smart and your unique experience may be a great fit for this role or others.

See more jobs at Torc Robotics

Apply for this job

+30d

Senior Cloud Security Engineer

FanDuelRemote US
flutterc++

FanDuel is hiring a Remote Senior Cloud Security Engineer

Job Application for Senior Cloud Security Engineer at FanDuel{"@context":"schema.org","@type":"JobPosting","hiringOrganization":{"@type":"Organization","name":"FanDuel","logo":"https://recruiting.cdn.greenhouse.io/external_greenhouse_job_boards/logos/000/006/973/resized/preview3.jpg?1569577352"},"title":"Senior Cloud Security Engineer","datePosted":"2024-03-13","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":null,"addressRegion":null,"addressCountry":null,"postalCode":null}},"description":"\u003cp style=\"text-align: center;\"\u003e\u003cstrong\u003eABOUT FANDUEL \u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eFanDuel Group (“FanDuel\") is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier gaming destination in the United States, FanDuel consists of a portfolio of leading brands across gaming, sports betting, daily fantasy sports, advance-deposit wagering, and TV/media.\u003c/p\u003e\n\u003cp\u003eFanDuel has a presence across all 50 states with approximately 17 million customers and 28 retail locations. FanDuel is based in New York with offices in New Jersey , Georgia, California, Oregon, Canada and Scotland.\u003c/p\u003e\n\u003cp\u003eIts networks FanDuel TV and FanDuel+ are broadly distributed on linear cable television and through its relationships with leading direct-to-consumer over-the-top platforms.\u003c/p\u003e\n\u003cp\u003eFanDuel Group is a subsidiary of Flutter Entertainment plc, the world's largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).\u003c/p\u003e\n\u003cp style=\"text-align: center;\"\u003e\u003cstrong\u003eTHE ROSTER…\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eAt FanDuel, we give fans a new and innovative way to interact with their favorite games, sports and teams. We’re dedicated to building a winning team and we pride ourselves on being able to make every moment mean more, especially when it comes to your career. So, what does “winning” look like at FanDuel? It’s recognition for your hard-earned results, a culture that brings out your best work—and a roster full of talented coworkers. Make no mistake, we are here to win, but we believe in winning right. That means we’ll never compromise when it comes to looking out for our teammates. From creatives professionals to cutting edge technology innovators, FanDuel offers a wide range of career opportunities, best in class benefits, and the tools to explore and grow into your best selves. At FanDuel, our principle of “We Are One Team” runs through all our offices across the globe, and you can expect to be a part of an exciting company with many opportunities to grow and be successful.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eTHE POSITION\u003cbr\u003e\u003c/strong\u003eOur roster has an opening with your name on it\u003c/p\u003e\n\u003cp\u003e\u0026nbsp;\u003cspan class=\"TextRun MacChromeBold SCXW71160383 BCX0\" lang=\"EN-US\" data-contrast=\"auto\"\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003eWe are looking for a skilled and accomplished Cloud Security Engineer to join our Software Security Team. In this role, you will \u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003ebe responsible \u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003efor\u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e executing\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"TextRun SCXW71160383 BCX0\" lang=\"EN-US\" data-contrast=\"none\"\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e a comprehensive\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"TextRun MacChromeBold SCXW71160383 BCX0\" lang=\"EN-US\" data-contrast=\"auto\"\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e Cloud Security strategy, \u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003ementoring\u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e and advising \u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003ediverse \u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003eteams across the organization\u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e, and implementing secure by default principles across\u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e FanDuel. This role offers an excellent opportunity for you to apply your \u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003eexpertise\u003c/span\u003e\u003cspan class=\"NormalTextRun SCXW71160383 BCX0\"\u003e in cloud security, ensuring the protection and integrity of our cloud-based infrastructure.\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"EOP SCXW71160383 BCX0\" data-ccp-props=\"{\u0026quot;201341983\u0026quot;:0,\u0026quot;335559738\u0026quot;:280,\u0026quot;335559739\u0026quot;:280,\u0026quot;335559740\u0026quot;:276}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eTHE GAME PLAN\u003c/strong\u003e\u003cbr\u003e\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003eEveryone on our team has a part to play\u003c/p\u003e\n\u003cul\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eAct as a subject matter expert on public cl\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eoud security and cloud native security within the \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eCyberSecurity\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e Department and across the organization\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eProvide \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eexpertise\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e in public cloud security for initiatives related to detection \u0026amp; response, vulnerability management, and compliance.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003ePerform security assessments of cloud infrastructure, \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eidentify\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e potential threat vectors, and recommend mitigation strategies to prevent disruptions and data breaches.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eCollaborate with technology stakeholders to \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eestablish\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e security metrics that \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003edemonstrate\u003c/span\u003e \u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eproficiency\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e across various technology teams \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eoperating\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e in the cloud.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eOwn and \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003edeliver\u003c/span\u003e \u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eautomation tools to enhance application security in the cloud, \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003ef\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eacilitating\u003c/span\u003e \u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003efaster and more accessible security enhancements.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"6\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eLead the implementation of \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003esecurity solutions integrated into the Secure Development Lifecycle (SDL) for cloud-based \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003einfrastructure\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e and \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eapplications.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"7\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eDocument processes associated with critical cloud systems for compliance and auditing purposes.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"8\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eWork closely with development and operations teams to define and enforce cloud application security standards and best practices.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"10\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"9\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eTake on \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eadditional\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e responsibilities as needed to \u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003emaintain\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e and improve cloud security across the organization.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp data-ccp-border-between=\"0px none #000000\" data-ccp-padding-between=\"0px\"\u003e\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eTHE STATS\u003cbr\u003e\u003c/strong\u003eWhat we’re looking for in our next teammate\u003c/p\u003e\n\u003cul\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"9\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"10\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003eExpertise\u003c/span\u003e\u003cspan data-ccp-parastyle=\"Normal (Web)\"\u003e in cloud architecture and design, including the ability to design highly secure and scalable cloud environments.\u003c/span\u003e\u003c/span\u003e\u003cspan data-ccp-props=\"{\u0026quot;134233117\u0026quot;:true,\u0026quot;134233118\u0026quot;:true}\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"9\" data-list-defn-props=\"{\u0026quot;335552541\u0026quot;:1,\u0026quot;335559685\u0026quot;:720,\u0026quot;335559991\u0026quot;:360,\u0026quot;469769226\u0026quot;:\u0026quot;Symbol\u0026quot;,\u0026quot;469769242\u0026quot;:[8226],\u0026quot;469777803\u0026quot;:\u0026quot;left\u0026quot;,\u0026quot;469777804\u0026quot;:\u0026quot;\u0026quot;,\u0026quot;469777815\u0026quot;:\u0026quot;hybridMultilevel\u0026quot;}\" data-aria-posinset=\"11\" data-aria-level=\"1\"\u003e\u003cspan data-contrast=\"none\"\u0

See more jobs at FanDuel

Apply for this job

+30d

Cybersecurity Engineer

CIYIS LLCAtlanta, GA Remote
Design

CIYIS LLC is hiring a Remote Cybersecurity Engineer

We are seeking a Cybersecurity Engineer to join our team! You will be responsible for the management and delivery of SaaS applications for a government client. Serves as the Cybersecurity Engineer for a large, complex task order (or a group of task orders affecting the same system) and shall assist the PMO in working with managing customer requirements. Under the responsible for the overall delivery of various FedRAMP and ATO compliance project initiatives while ensuring that the technical solutions and schedules in the task order are implemented in a timely manner. Manages and reports project cost, schedule, and performance.

Responsibilities:

  • Plans, directs, and co-ordinates a group of Cybersecurity activities to manage and implement Cybersecurity project(s) from contract/proposal initiation to final operational stage.
  • Accountable for the monitoring and enforcing compliance to IT and cyber security policies and governing procedures to reduce risk to cyber incidents and potential areas of non-compliance.
  • Responsible for understanding and assessing technology and operational risks related to internal technology solutions and at times, might be asked to provide input to personnel on appropriate controls to address those risks.
  • Leads the project/program team(s) in determining client requirements and translating requirements into operational plans.
  • Ensures adherence to legally binding requirements and client’s long-term goals. Facilitates status review meetings among project team members and clients.
  • Works with the PMO on project/program proposals, bids, contracts, estimates, and schedules.
  • Maintains awareness on emerging technologies and project/program management techniques.
  • Provides Cybersecurity leadership in the design, build and overseeing of the security architectures, security engineering life cycle, infrastructure & network, and computer security for an organization.
  • Provides Cybersecurity leadership in the vulnerability testing, risk analyses and security assessments of local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices according to security standards, security systems and authentication protocols.
  • Provides Cybersecurity leadership in the definition, implementation, and maintenance of enterprise security policies and procedures.
  • Provides Cybersecurity leadership in the response to security-related incidents and follow(s) industry best practices in a thorough post-event analysis.
  • Provides Cybersecurity leadership in the architecture review and risk & impact assessment for the critical information assets.

Qualifications:

  • Previous experience in ERP information technology and/or other related fields
  • Demonstrated leadership experience in projects of similar size and complexity
  • Six years general IT experience
  • Six years cybersecurity experience
  • Must possess a DOD Secret Clearance and be eligible for an IT-II upon assignment.
  • Must possess certification meeting the DOD 8570.01 IAM level III
  • Nice to have a Risk Management Professional credential
  • Strong knowledge of RMF

Education & Clearance Requirements:

  • 4 Year degree in computer sciences, Information Technology, or equivalent experience
  • Candidate must posses the ability to maintain a government security clearance.
  • No visa sponsorship available.

    CIYIS is an Equal Opportunity Employer and all Qualified Applicants will receive consideration for employment without regard to Race, Color, Religion, Sex, National Origin, Disability Status, Protected Veteran Status or any other Characteristic Protected by Law.

    See more jobs at CIYIS LLC

    Apply for this job

    +30d

    IT Security Engineer

    Timocom GmbHErkrath, Germany, Remote

    Timocom GmbH is hiring a Remote IT Security Engineer

    Stellenbeschreibung

    Als IT Security Engineer (m/w/d) bei TIMOCOM erarbeitest du gemeinsam mit deinem Team Maßnahmen, Konzepte und Richtlinien zur kontinuierlichen Verbesserung des Betriebs- und Sicherheitsniveaus.

    • Dabei bist du für die Definition, Einführung, sowie Weiterentwicklung und Implementierung von IT-Sicherheitsvorgaben verantwortlich.
    • Für den IT-Betrieb evaluierst und betreust du IT-Sicherheitslösungenund identifizierst IT-Sicherheitsrisiken sowie Schwachstellen.
    • Du konzipierst Sicherheitsanforderungen für Web-Applikationen und etablierst einen Secure Software Development Lifecycle.
    • Zudem führst du Sicherheitsprüfungen und Sicherheitsanalysen der IT-Infrastruktur durch.
    • Du berätst Softwareentwicklern sowie Fachbereiche und Projektgruppen zu Themen der IT-Sicherheit und empfiehlst Maßnahmen zur Steigerung des IT-Sicherheitsniveaus.
    • Es steht dir frei, entweder 100 Prozent remote zu arbeiten oder flexibel unsere TEAMocom Spaces vor Ort zu nutzen.

    Qualifikationen

    • Du bringst mehrjährige Berufserfahrung im Bereich der IT-Sicherheit mit.
    • Mit Client- und Server-Betriebssystemen wie Microsoft und Unix kennst du dich bestens aus.
    • Zudem bringst du fundiertes Wissen zur sicheren Konfiguration und Überwachung der Office 365 Cloudmit.
    • Du hast ein gutes Verständnis für Best-Practices der IT-Sicherheit, sowie für Netzwerk- und Betriebssystem-Architekturen (z.B. ISO 27001, ISO 22301).
    • Bestenfalls konntest du erste Erfahrungen im Bereich von Pentesting und Red Teaming sammeln.
    • Damit du dich in deinem Team gut verständigen kannst, bringst du gute Deutsch- und Englischkenntnisse mit.

    See more jobs at Timocom GmbH

    Apply for this job

    +30d

    Senior Cloud Security Engineer

    StockXRemote, USA
    Bachelor's degreeterraformsqlDesignazuredockerkubernetespythonAWS

    StockX is hiring a Remote Senior Cloud Security Engineer

    Help empower our global customers to connect to culture through their passions.

    Why you’ll love this role

    This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team.  This team is responsible for leading efforts to enhance the security of the cloud infrastructure and applications all across StockX. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. They provide ongoing engineering support for security systems in our cloud native environment.  This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.

    What you’ll do

    • Partner with the Platform Engineering and IT teams to design, implement, and manage security measures for our AWS & Azure cloud infrastructure.
    • Collaborate with cross-functional teams to automate and expedite integration of security best practices into the entire development lifecycle, from design to deployment.
    • Use available tooling to assess risks and vulnerabilities and implement strategies to mitigate and remediate identified security risks.
    • Automate enforcement security of policies and related controls for AWS cloud services and data protection.
    • Monitor and respond to security incidents, conduct investigations, and implement incident response procedures as needed with confidentiality and professionalism.
    • Design and implement identity and access management (IAM) solutions for secure access control.
    • Partner with other teams to ensure IAM controls are part of a defense in depth strategy
    • Ensure the continuing operation and effectiveness of key identity and access management controls
    • Stay abreast of the latest cloud security trends, threats, and vulnerabilities, and implement proactive measures to address emerging risks.
    • Possess knowledge of reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and Docker supported by other engineering teams.
    • Provide mentorship and guidance to junior members of the security team.
    • Ability to quickly analyze logs and configurations using; Python, JQ, cURL, etc.
    • Integrate application security tooling within the existing CI/CD environment to improve application security.

    About you

    • 4-7 years of relevant security experience.
    • Bachelor's degree preferred but not required.
    • Cyber security certifications preferred e.g. CISSP, CISM, Security +, AWS Security
    • Strong experience with cloud native environments and with multiple cloud services providers
    • Experience with scripting across multiple cloud providers and infrastructure APIs to analyze security posture and configurations.
    • Detailed understanding of cloud and network security
    • Experience reading other engineer’s code across a number of languages to identify security issues.
    • Understanding of modern cloud technology components and deployment patterns: containers, Kubernetes, serverless, infrastructure as code, etc.
    • Experience with OAuth/SAML techniques and OIDC
    • Deep understanding of Identity & Access Management security controls and tooling
    • Strong understanding of securing distributed cloud and on-premesis networks using security groups, network ACLs, VPNs, and WAFs among other technologies
    • Strong understanding of security monitoring tools for cloud environments such as CSPM, CASB, cloud audit logs such as AWS Cloudtrail, etc
    • Strong understanding of application security tools such as Snyk, Sonarcloud, Dependabot or Renovate, GitGuardian, etc 
    • Technical understanding of how threats like Spam, Phishing, DDoS Attacks, Brute Force Attacks, SQL Injections, XSS are executed and how to protect against them across an organization.

     

    Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

    Pursuant to the various pay transparency laws/acts, the base salary range is $140,000 to $160,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.

    About Us

    StockX is proud to be a Detroit-based technology leader focused on the large and growing online market for sneakers, apparel, accessories, electronics, collectibles, trading cards, and more. StockX's powerful platform connects buyers and sellers of high-demand consumer goods from around the world using dynamic pricing mechanics. This approach affords access and market visibility powered by real-time data that empowers buyers and sellers to determine and transact based on market value. The StockX platform features hundreds of brands across verticals including Jordan Brand, adidas, Nike, Supreme, BAPE, Off-White, Louis Vuitton, Gucci; collectibles from artists including KAWS and Takashi Murakami; and electronics from industry-leading manufacturers Sony, Microsoft, Nvidia, and Apple. Launched in 2016, StockX employs more than 1,000 people across offices and verification centers around the world.
     
     
    We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. However, this job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position. StockX reserves the right to amend this job description at any time.

    See more jobs at StockX

    Apply for this job

    +30d

    Senior IT Security Engineer (remote)

    ClientSolvTechnologiesDenver, CO, Remote
    Design

    ClientSolvTechnologies is hiring a Remote Senior IT Security Engineer (remote)

    Job Description

    We are seeking an experienced and CISSP certified Cybersecurity Engineer for a 6 month contract-to-hire role.  This role can work remotely from anywhere within the U.S. 

     

    In this role, you will apply Information Technology (IT) security principles, methods and security products to protect and maintain the availability, integrity, confidentiality and accountability of   IT resources and physical security access of property and personnel. You will be accountable for executing assigned tasks to implement the goals of the organization's Information Security initiatives, on time and within approved budget.

    Essential Duties and Responsibilities:

    • Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.
    • Develops, documents and maintains methodology for sensitive and critical application and general support for IT security systems.
    • Researches technical and IT security topics; maintains information on industry trends.
    • Collaborates with others in the Company (i.e. Information Technology engineers, Network Engineers, etc) to perform design review and analysis of network infrastructure modifications.
    • Develops policies, procedures and maintains scripts, routines and software for accomplishing security studies and assessments to provide professional level analysis in recognizing system threats and vulnerabilities; detects malware or malicious activities.
    • Periodically reviews firewall and router rules and access control lists.
    • Monitors and reviews intrusion detection systems and firewall logs to identify adverse patterns and coordinate mitigation responses.
    • Performs security assessments, risk identification and mitigation planning and execution.
    • Leads vulnerability management efforts and actively participates in patch management and risk management processes.
    • Participates in emergency operations, including the Computer Security Incident Response Team.
    • Responsible for PKI Infrastructure management and support - User and Server Authentication
    • Draft policy based on NIST, FISMA, PCI, PII and CJIS compliance.
    • Ensures processes and procedures are developed, documented, maintained and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory require

    Qualifications

    • CISM, CISA, CRIS, CISSP, or similar certification required.
    • BS in Information Technology or equivalent combination of directly applicable experience and certification
    • Minimum 5 years’ direct Cybersecurity Engineer or information assurance experience
    • Strong experience working with market standard Vulnerability Assessment tools
    • Must have experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation
    • Experience with policy and process documentation
    • Understanding of DNS, DHCP and LDAP
    • System hardening experience utilizing STIGs, CIS or USGCB
    • Security Incident Response experience
    • Strong oral and written communication abilities with experience writing policies
    • Must possess strong analytical and troubleshooting skills
    • Must be able to serve as a technical resource to IT staff

    Apply for this job

    +30d

    Senior IT Security Engineer

    ClientSolvTechnologiesLos Angeles, CA, Remote
    Design

    ClientSolvTechnologies is hiring a Remote Senior IT Security Engineer

    Job Description

    We are seeking an experienced and CISSP certified Cybersecurity Engineer for a 6 month contract-to-hire role.  This role can work remotely from anywhere within the U.S. 

     

    In this role, you will apply Information Technology (IT) security principles, methods and security products to protect and maintain the availability, integrity, confidentiality and accountability of   IT resources and physical security access of property and personnel. You will be accountable for executing assigned tasks to implement the goals of the organization's Information Security initiatives, on time and within approved budget.

    Essential Duties and Responsibilities:

    • Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.
    • Develops, documents and maintains methodology for sensitive and critical application and general support for IT security systems.
    • Researches technical and IT security topics; maintains information on industry trends.
    • Collaborates with others in the Company (i.e. Information Technology engineers, Network Engineers, etc) to perform design review and analysis of network infrastructure modifications.
    • Develops policies, procedures and maintains scripts, routines and software for accomplishing security studies and assessments to provide professional level analysis in recognizing system threats and vulnerabilities; detects malware or malicious activities.
    • Periodically reviews firewall and router rules and access control lists.
    • Monitors and reviews intrusion detection systems and firewall logs to identify adverse patterns and coordinate mitigation responses.
    • Performs security assessments, risk identification and mitigation planning and execution.
    • Leads vulnerability management efforts and actively participates in patch management and risk management processes.
    • Participates in emergency operations, including the Computer Security Incident Response Team.
    • Responsible for PKI Infrastructure management and support - User and Server Authentication
    • Draft policy based on NIST, FISMA, PCI, PII and CJIS compliance.
    • Ensures processes and procedures are developed, documented, maintained and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory require

    Qualifications

    • CISM, CISA, CRIS, CISSP, or similar certification required.
    • BS in Information Technology or equivalent combination of directly applicable experience and certification
    • Minimum 5 years’ direct Cybersecurity Engineer or information assurance experience
    • Strong experience working with market standard Vulnerability Assessment tools
    • Must have experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation
    • Experience with policy and process documentation
    • Understanding of DNS, DHCP and LDAP
    • System hardening experience utilizing STIGs, CIS or USGCB
    • Security Incident Response experience
    • Strong oral and written communication abilities with experience writing policies
    • Must possess strong analytical and troubleshooting skills
    • Must be able to serve as a technical resource to IT staff

    Apply for this job