Cyber Security Engineer

Job Description:

A Security Engineer serves as the security engineer of complex technology implementations in a product-centric environment; is comfortable with bridging our client between legacy development or operations teams and working toward a shared culture and vision; works to ensure developers create the most secure systems while enhancing the privacy of all system users; and has experience with white-hat hacking and fundamental computer science concepts.

The Security Engineer will perform security audits, risk analysis, application-level vulnerability testing, and security code reviews; develop and implement technical solutions to help mitigate security vulnerabilities; and conduct research to identify new attack vectors.

• Demonstrated skills in security architecture, IT Security, networking, or systems administration with an emphasis on security.
• Proven knowledge of security architecture design, network security, vulnerability management, and threat intelligence/analysis.
• Knowledge of common information security management frameworks, such as NIST, CIS, ISO 27001, COBIT, or PCI DSS.
• Strong understanding of encryption.
• Strong understanding of networking concepts and protocols (e.g., TCP/IP, LAN, WAN, DHCP, DNS, Routing Protocols, etc.)
• Expert-level knowledge of security systems such as SIEM (Microsoft Sentinel), IPS, Firewalls, and related network security tools.
• Operating Systems: Windows, Unix, Mac -Databases: SQL, Azure, Oracle.
• Must have hands-on experience using Model Context Protocol (MCP) to enable AI agents and large language models to interact with external tools, APIs, and enterprise data.

This classification must have a minimum of ten (10) years of experience with developing and implementing technical solutions to help mitigate security vulnerabilities.

• 2 years of experience with Microsoft Azure (IaaS, PaaS, IaaS), Microsoft Sentinel, CrowdStrike, Tenable, Palo Alto Firewall Zscaler KQL.
• 1+ years of experience developing AI-enabled solutions using modern LLM tools (e.g., Codex, Claude, or similar) to support GRC and Incident Response processes.
• 3+ years of experience within each of the following: - Incident response - managing the security of multiple platforms, operating system, software and network protocols for a large IT organization - risk management, auditing, assessment, industry security framework, and/or internal controls - security, operations, control assessment, risk management, auditing, and/or internal controls - with security and privacy legal and regulatory requirements - performing information security risk assessments and risk analysis.

Skills Required:

• Security Engineers will possess knowledge and experience in safeguarding sensitive data from cyber-attacks.

Experience Required:

• This classification must have a minimum of ten (10) years of experience with developing and implementing technical solutions to help mitigate security vulnerabilities.

Education Required:

• This classification requires the possession of a bachelor’s degree in an IT-related or Engineering field. Additional qualifying experience may be substituted for the required education on a year-for-year basis.
• ITIL Foundation certification and CISSP (Certified Information Systems Security Professional)