Cybersecurity Engineer

We are seeking a proactive and detail-oriented Cybersecurity Engineer to join our growing security team. In this role, you will be responsible for designing, implementing, and maintaining technical security controls across our cloud infrastructure. You will play a critical role in helping the organization meet and maintain compliance with SOC 2,
HIPAA
, and PCI DSS
, while building scalable defenses that support our Dev Ops and engineering workflows.

Responsibilities

• Cloud Security Engineering:
  Architect and enforce security best practices for AWS infrastructure, including IAM hardening, network segmentation, encryption, monitoring, and access control.
• Infrastructure as Code Security:
  Use Terraform to define and enforce compliant infrastructure. Maintain guardrails and reusable secure modules to support a security-by-default approach.
• Threat Detection & Monitoring:
  Build and tune log pipelines and alerts in Sumo Logic to identify misconfigurations, anomalous behavior, and potential threats.
• CI/CD and Code Security:
  Collaborate with engineering to embed security into Git Hub workflows and CI/CD pipelines. Implement controls for code scanning, secrets management, and artifact integrity.
• Vulnerability Management:
  Manage and respond to vulnerability findings across cloud, container, and application layers. Prioritize remediation based on risk and regulatory requirements.
• Audit & Compliance Engineering:
  Implement and maintain technical controls to meet SOC 2, HIPAA, and PCI DSS requirements. Partner with Compliance and GRC teams during audits and readiness assessments.
• Incident Readiness:
  Assist in the development and testing of the incident response plan. Participate in threat simulations and security incident handling.
• Security Enablement:
  Support security education, documentation, and enablement efforts across engineering and operations teams

Requirements

• Required:
  • 5+ years in cybersecurity engineering, cloud security, or Dev Sec Ops .
  • Deep experience with AWS security services (IAM, KMS, VPC, Config, Guard Duty, etc.).
  • Strong proficiency with Terraform and Infrastructure as Code best practices.
  • Experience with Sumo Logic or equivalent log management tools.
  • Familiarity with securing CI/CD and development workflows in Git Hub.
  • Demonstrated knowledge and practical experience implementing and maintaining compliance for SOC 2, HIPAA, and PCI DSS.
  • Strong understanding of vulnerability management, threat detection, and response.
• Nice to Have:
  • Experience with Kubernetes security (EKS, container scanning).
  • Experience writing security policies or helping with control mapping.
  • Certifications such as AWS Security Specialty, CISM, CISSP, or GCPN

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Work From Home
• Stock Option Plan