Senior Cybersecurity Engineer

Seeking a

• Base Salary Range of $110K - $140K DOE plus bonus and full benefits package

• HYBRID role (1-2 days per week in North Houston office)

• Bachelors Degree in Computer Science, Engineering or related field required

• 8+ years of cybersecurity experience working with security frameworks and controls

• Experience with public cloud architecture, cloud strategy, risk management, networking, security, and compliance workload types

• CISSP, CISM, CRISC, or CISA Certification Preferred

• Support security team projects such as threat modeling, vulnerability scanning and audits.
• Conduct design reviews, testing of new infrastructure, and uplift the security posture for existing environments.
• Build capabilities for automated evidence gathering through integration with our GRC platform
• Execute risk and threat analyst activities, demonstrating findings from external and internal cyber trends and incidents
• Propose and implement creative solutions to protect data across multiple platforms including endpoint, email, network, databases, and cloud applications.
• Collaborate with software engineers, DevOps and infrastructure teams, product owners, and across security teams to understand how data is used, what protections are needed, and implement solutions.
• Support incident and vulnerability response in collaboration with other products and security teams.
• Drive security engineering projects to eliminate attack vectors, harden the platform, and enhance monitoring and intrusion detection systems.
• Lead discussions, assessments, tracking, and overall reporting of technology security risks
• Manage the effectiveness of tooling, rationalizing tools as needed, and identifying tool requirements, as necessary.
• Coordinate with team members to maintain software and operate solutions.
• Engage with teams to identify shared problems and develop automation.
• Define metrics and key performance indicators to determine the effectiveness of the Security automation program.
• Integrate with APIs and application endpoints; generate machine and human readable output.
• Author and maintain middleware documentation.
• Lead cross-collaboration with other engineering and products teams and influence technical direction as well as provide guidance for complex infrastructure security engineering initiatives.
• Mentor team members while providing vision and setting technical direction for the team as a technical lead.
• Demonstrate technical leadership to manage and provide multiple technical solutions, perform code reviews, establish, and enforce coding guidelines and best practices.
• Serve as an internal security consultant to teams looking to make IT investments; ensure systems are designed in accordance with, and are aligned to company's security policies and standards
• Influence the continuous improvement of the security program.

• Bachelors Degree in Computer Science, Engineering or related field required
• 8+ years of experience working with security frameworks and implementing cyber security controls

• Experience with public cloud architecture, cloud strategy, networking, security, and compliance workload types
• Knowledge of risk management frameworks and applying risk methodologies.
• CISSP, CISM, CRISC, or CISA Certification Preferred
• Proficiency in multiple programming languages is desirable (Java, Python, Golang, Rust, Ruby, PowerShell, etc.).
• Proficiency with data formats and query languages (XML, REST APIs and JSON, SQL, Regular Expression, etc.).
• Experience working with advanced firewalls, DNS filtering, log management systems, and email filtering is desirable.
• Experience with security compliance monitoring tools including SIEM tools, GRC platforms, vulnerability scanning tools, DLP (Data Loss Prevention) PAM (Privileged Access Management), and other infrastructure security tools.
• Familiarity with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework is desirable.
• Knowledge of current data privacy laws (CCPA, GDPR)