Job description
Northgate Cyber Solutions is seeking a results-driven Senior Cybersecurity Engineer to join our security engineering team in Seattle. You will design, implement, and operate enterprise-grade security controls to safeguard critical assets across cloud and on-prem environments. This role emphasizes hands-on engineering, threat modeling, and collaboration with product and DevSecOps teams to build secure software and resilient infrastructure.
As a senior member of our security practice, you will mentor engineers, drive secure-by-default initiatives, and help mature our security operations capabilities. The ideal candidate combines deep technical expertise with strong communication and a bias for action.
Responsibilities
- Lead design and implementation of secure architectures across cloud and on-prem environments, ensuring defense-in-depth and compliance alignment.
- Operate and optimize SIEM, EDR, and cloud-native security tools to detect, investigate, and respond to threats in real time.
- Develop and enforce security controls (identity, access, network segmentation, data protection) in collaboration with DevOps and application teams.
- Perform threat modeling and risk assessment for new initiatives; translate findings into actionable security requirements.
- Lead incident response efforts, coordinate with cross-functional teams, and drive post-incident remediation and reporting.
- Design and implement vulnerability management programs, including scanning, patching, and remediation tracking.
- Foster a security-first culture through training, secure coding guidance, and security reviews of architectures and deployments.
Qualifications
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field; or equivalent work experience.
- 8+ years of hands-on cybersecurity experience with strong emphasis on engineering and operations.
- Expertise in cloud security (AWS, Azure, or Google Cloud) and cloud security tooling; experience with IAM, KMS, VPC, and network security controls.
- Proven experience with SIEM (e.g., Splunk, QRadar) and endpoint security (EDR/XDR); proficiency in threat hunting and incident response.
- Proficiency in programming/scripting (Python, Bash, PowerShell) and secure development practices; familiarity with CI/CD pipelines and DevSecOps.
- Strong understanding of governance, risk, and compliance requirements (NIST, CIS, SOX, GDPR/CCPA as applicable).
- Excellent communication, collaboration, and mentoring skills; demonstrated ability to influence and drive security initiatives cross-functionally.
- Relevant certifications (CISSP, CISM, OSCP, SANS) are a plus.