Job description
We are looking for a cybersecurity Engineer for a fully remote contract position. You must be USA based. The role involves planning, developing, and implementing enterprise information security solutions to address current and emerging security needs. The successful candidate will design and develop new technologies and security products, ensuring compliance with enterprise and customer requirements, managing enterprise risk, and resolving complex security issues. This position also includes contributing to strategic information security architecture to address business and regulatory challenges.
Key Responsibilities:
- Collaborate with teams to ensure the security of enterprise data and systems through the development of information security solutions.
- Create and update views of IT assets, attack surfaces, and threat actors, illustrating data flow and associated threats.
- Research, design, and develop new enterprise technologies, architectures, and security products.
- Serve as a security expert in various areas including application development, database design, network, and platform operations.
- Analyze business impact and exposure from emerging security threats, contributing to the maintenance of information security architecture.
- Engage with security specialists and functional area architects to ensure robust security solutions that meet business and regulatory requirements.
- Act as a cybersecurity subject matter expert, providing recommendations for mitigating security risks.
- Lead in one or more platform areas, including application, storage, network, virtualization, cloud, and mobile security best practices.
Mandatory Technical Skills:
- Proficiency in network security protocols, best practices, and perimeter security tools.
- Expertise in identity and access management controls, including SAML and OAUTH/OIDC-based authentication, Active Directory, and role mapping.
- Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management.
- Knowledge of data protection technologies such as cryptography, tokenization, and hashing.
Additional Technical Skills:
- Familiarity with Azure native security services and best practices.
- Strong understanding of threat modeling and risk assessment technologies or frameworks.
Non-Technical Skills:
- Ability to manage ambiguity.
- Strong collaboration and team skills with an emphasis on cross-functional cooperation.
- Excellent verbal and written communication skills.