Position Overview
We are seeking a highly experienced Cybersecurity Engineer to join our Istari team. This role focuses on designing, implementing, and operating security architecture and controls that protect our cloud-native products and platform. The ideal candidate has deep expertise across cloud security, threat detection and response, and DevSecOps, with a passion for enabling secure innovation in a fast-paced environment. The role also covers designing, implementing, and managing the scalable infrastructure that supports our products, so the ideal candidate will have deep expertise in cloud technologies and a passion for driving innovation in a fast-paced environment.
Key Responsibilities
Lead security design and threat modeling for new and existing systems (cloud, application, data, network)
Implement and manage core controls: IAM/SSO, least privilege, network segmentation, encryption and key management, secrets management, endpoint and email security
Build and operate detection and response capabilities: SIEM/EDR/SOAR, log pipelines, alert tuning, use-case development, threat hunting
Own vulnerability remediation: scanning, triage, risk-based prioritization, remediation with product/IT teams, tracking to closure
Strengthen application and cloud security: SAST/DAST/SCA, secure SDLC, CI/CD guardrails, IaC scanning, container/Kubernetes runtime protections, CSPM/CIEM
Coordinate and support security testing: internal reviews, penetration tests, red/purple team, tabletop exercises; drive remediation and lessons learned
Lead/participate in incident response: triage, containment, eradication, recovery, forensics, root-cause analysis, post-incident reports and runbooks
Define and maintain security standards, baselines, hardening guides, and architecture diagrams
Monitor and report security metrics, KPIs/KRIs, and risk posture to stakeholders
Support audits and compliance efforts (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA) and align controls to frameworks (NIST CSF, CIS Controls)
Conduct third-party/vendor security reviews and support contract/security requirements
Drive security awareness initiatives and phishing simulations; mentor engineers on secure practices
Contribute to business continuity and disaster recovery planning and testing
Automate repetitive tasks and integrations to improve scale and reliability
Required Qualifications
Bachelor’s in Computer Science, Engineering, Information Security, or equivalent practical experience
3+ years of hands-on cybersecurity engineering, blue team, or security operations experience (adjust years for your level)
Strong understanding of networks and protocols (TCP/IP, DNS, HTTP(S)/TLS, routing, VPN, firewalls, Zero Trust concepts)
Practical experience with two or more: SIEM, EDR, IDS/IPS, WAF, CSPM/CIEM, vulnerability scanners, SAST/DAST/SCA, PAM/IGA, PKI
Cloud security experience in at least one major cloud (AWS/Azure/GCP): IAM, network security, KMS, logging/monitoring, security services
Proficiency in scripting/automation (e.g., Python, Bash, PowerShell) and exposure to IaC/Config management (Terraform, CloudFormation, Ansible)
OS administration and hardening (Windows, Linux, macOS) and endpoint security fundamentals
Familiarity with MITRE ATT&CK, common attack techniques, and modern detection strategies
Experience participating in incident response and writing runbook-level documentation
Knowledge of cryptography basics (encryption at rest/in transit, key rotation, cert management)
Clear communication skills and ability to partner with cross-functional teams
Must be a US citizen living within the United States.
Must have an approved Commercial Personnel Certification in alignment with the DoD Cyberspace Workforce Framework (DCWF), satisfied by either:
CompTIA Network+, CND, or a comparable certification, or
A qualifying academic degree/education certificate
Understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC.
Preferred Qualifications
DevSecOps experience embedding security into CI/CD, artifact signing, and SDLC governance
Container/Kubernetes security (admission controls, runtime policies, image scanning)
Data protection and privacy controls (DLP, tokenization, data classification)
Identity security (SSO/MFA, conditional access, PAM, IGA) and Zero Trust architectures
Threat intelligence integration and use-case development; basic digital forensics
SOAR playbook design and automation; custom detections and log enrichment
Experience with regulatory environments (e.g., healthcare, fintech, government)
Contributions to security architecture reviews and risk assessments at scale
Certifications a plus: Security+, GSEC, GCIH, GCIA, GCED, CISSP, CCSP, CCSK, OSCP, AZ-500, SC-100, AWS Security Specialty
Experience with tools such as Splunk/Microsoft Sentinel, CrowdStrike/Defender, Qualys/Nessus, Burp/ZAP, Prisma/Aqua/Twistlock, Trivy, Checkov/tfsec, Vault/KMS, Okta/Azure AD, Palo Alto/Fortinet, Elastic
Active TS Security Clearance.