Engineer - Cyber Operations WORK FROM HOME; Select US States Eligible

Position: Engineer - Cyber Operations WORK FROM HOME (Select US States Eligible ONLY)
While this position is listed as WORK FROM HOME, we are only registered and can proceed with qualified candidates who reside and will work in one of the following states: AL, AZ, FL, GA, MI, MS, NE, NJ, NC, OH, OK, TN, TX. No exceptions.

No relocation assistance is available. Must be eligible to work in the US without employment sponsorship.

Direct Hire only, no third-party agency applications, please.

Job Title: Engineer - Cybersecurity Operations

Department: IT Security & Support FLSA Status: Exempt Job Status: FT

Reports To: Director of Fraud Prevention & Risk

Work Schedule: Remote, core working hours between 9am-3pm EST, but occasional after-hours support as needed.

Position Summary

The Engineer - Cybersecurity Operations is a pivotal role responsible for safeguarding the organization's digital assets through proactive vulnerability management, threat hunting, and swift incident response. This position leverages leading cloud security tools to monitor, analyze, and respond to security alerts, ensuring the resilience and integrity of our technology infrastructure. In addition to core cybersecurity responsibilities, this role works closely with IT and Dev Ops teams to ensure seamless integration of security controls, foster collaboration, and support secure development and operational practices.

Key Responsibilities

• Vulnerability Management:
Identify, assess, and prioritize security vulnerabilities across cloud and on-premises environments. Coordinate remediation efforts with IT and development teams, and conduct regular vulnerability scans using industry-standard tools.

• Threat Hunting:
Proactively search for indicators of compromise and emerging threats within the organization's networks and cloud services. Utilize threat intelligence feeds and behavioral analytics to detect and investigate anomalous activities.

• Incident Response:
Lead and coordinate the response to security incidents, from initial detection to containment, eradication, and recovery. Perform root cause analysis and develop post-incident reports with actionable recommendations, collaborating with IT and Dev Ops to implement corrective measures and preventive controls.

• Alert Management:
Monitor and triage security alerts from various cloud-based security platforms, ensuring timely investigation and escalation of critical issues. Fine-tune alerting mechanisms to reduce false positives and improve detection capabilities, working with IT and Dev Ops for integration and automation.

• Security Tool Administration:
Deploy, configure, and maintain cloud security solutions such as SIEM, EDR, and CSPM platforms. Ensure tools are optimized for visibility, automation, and integration with existing IT and Dev Ops workflows.

• Collaboration & Training:
Partner with cross-functional teams, including IT and Dev Ops, to implement best security practices. Deliver training and awareness sessions to technical and non-technical staff to promote a security-first culture.

• Documentation & Reporting:
Maintain comprehensive records of vulnerabilities, incidents, and investigation outcomes. Prepare regular reports for management and participate in compliance audits as needed, collaborating with IT and Dev Ops for accurate and complete documentation.

• This role may help mentor intern(s) and participate in cross-functional security initiatives.

Required Skills and Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience.

• 3+ years of hands-on experience in cybersecurity operations, with demonstrated advanced skills in vulnerability management, threat hunting, and incident response.

• Proficiency with cloud security platforms (e.g., Microsoft Azure, Intune, Defender for Cloud, AWS Security Hub) and security tools (e.g., Crowd Strike, Tenable Nessus, Abnormal AI, Palo Alto Panorama).

• Deep understanding of security frameworks (e.g., NIST, MITRE ATT&CK, CIS Controls) and regulatory requirements.

• Strong analytical and problem-solving skills; ability to communicate complex technical issues clearly to multiple audiences, including IT and Dev Ops teams.

• Relevant certifications such as CISSP, GIAC,…