Job description
We are seeking a results-driven Senior Cybersecurity Engineer to join our expanding security program. You will design, implement, and operate security controls across cloud-native platforms, on-prem environments, and hybrid architectures. The ideal candidate has hands-on experience with modern security tooling, threat modeling, and incident response, with a passion for building resilient systems.
At CipherGuard, you’ll collaborate with product, platform, and DevOps teams to reduce risk while enabling rapid innovation. If you're a proactive security professional who thrives in a fast-paced environment, we want to hear from you.
Responsibilities
- Lead the design and implementation of cloud and on-prem security controls (IAM, network segmentation, encryption, DLP) across multiple environments.
- Develop and execute threat hunting, anomaly detection, and incident response playbooks to minimize mean time to containment.
- Implement and tune SIEM, SOAR, EDR, and vulnerability management solutions; continuously monitor security telemetry.
- Collaborate with engineering teams to embed secure-by-design practices, threat modeling, and secure coding standards into the SDLC.
- Perform risk assessments, policy development, and compliance mapping to frameworks (NIST, CIS, ISO 27001).
- Lead security incident post-mortems, root-cause analysis, and remediation tracking with cross-functional teams.
- Mentor junior engineers, conduct security reviews, and drive security automation initiatives.
- Stay current on industry trends, threat landscapes, and emerging technologies to proactively reduce risk.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent work experience.
- 5+ years of hands-on cybersecurity engineering experience across cloud and hybrid environments.
- Strong expertise in cloud security (AWS/Azure/GCP), IAM, encryption, network security, and identity-centric controls.
- Experience with SIEM/SOAR (e.g., Splunk, Exabeam, Palo Alto XSOAR), endpoint protection (EDR), and vulnerability management tools.
- Proven incident response, forensics, and threat hunting capabilities with documented outcomes.
- Familiarity with security governance frameworks (NIST CSF, CIS Controls, ISO 27001) and compliance requirements.
- Excellent communication, collaboration, and problem-solving skills; ability to translate technical concepts for non-technical stakeholders.