Cloud Security Architect leading secure and scalable cloud solutions at Booz Allen Hamilton. Mentoring engineering teams and driving best practices in cloud security and automation.
About the role
- Senior Security Engineer protecting sensitive financial data and transaction platforms against cyber threats. Leading security measures and compliance within financial industry regulations.
Responsibilities
- Reduce third-party risk exposure: improve our current third-party risk assessment process to identify high-risk vendors using AI tools or automation.
- Implement comprehensive security logging and monitoring: ensure complete logging coverage across critical systems and deliver dashboards and metrics. Manage our SIEM, creating and responding to alerts.
- Create, maintain, and update company policies. Work with auditors during the annual SOC 2 audit.
- Improve our vulnerability and patch management: Create secure configuration baselines for servers, endpoints, and cloud.
- Awareness training: Create a full-year program that includes phishing campaigns and awareness training.
- Design and Implement Security Controls: Design, implement, and maintain security tools and technologies, including SIEM, EDR, firewalls, IDS/IPS, and DLP, to protect sensitive data.
- Incident Response and Threat Detection: Lead threat detection efforts, incident response, and forensic investigations.
- Vulnerability Management: Perform threat modeling and static/dynamic vulnerability assessments, and develop and implement remediation strategies for identified flaws (e.g., OWASP Top 10).
- Compliance and Auditing: Ensure compliance with regulations and frameworks. Participate in audits and provide necessary evidence and remediation plans.
- Secure Development Lifecycle (SDLC): Collaborate with engineering and DevOps teams to integrate security into CI/CD pipelines and promote secure coding best practices.
- Automation and Scripting: Develop automated solutions and use scripting (Python, PowerShell, Bash) to streamline security operations and monitoring processes.
- Mentorship and Leadership: Provide technical direction and mentorship to junior team members, helping foster a strong, organization-wide security awareness culture.
Requirements
- Experience: 5+ years of experience in a dedicated information security engineering role, preferably within the financial services or a highly regulated industry.
- Technical Expertise: Strong working knowledge of network security fundamentals (TCP/IP, UDP, HTTP), cloud security models (AWS/GCP), and identity and access management (IAM, SSO, MFA).
- Tools and Technologies: Hands-on experience with enterprise security tools, including SIEM platforms, vulnerability scanners, and EDR solutions.
- Regulatory Knowledge: Deep understanding of cybersecurity frameworks such as NIST CSF, and the MITRE ATT&CK framework.
- Problem-Solving: Excellent analytical and problem-solving skills, with the ability to translate complex technical concepts into clear, actionable recommendations for various stakeholders.
- Certifications: Relevant security certifications are highly desirable, such as CISSP, CISM, or GIAC.
- Education: Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field.
Benefits
- Competitive salary.
- Hybrid work arrangement if located in the Phoenix or New York area; otherwise, fully remote.
- Excellent medical, dental, and vision insurance options, with low-cost premium structures that demonstrate our commitment to offering great value to our employees.
- 100% company-paid basic life insurance, short-term and long-term disability insurance.
- 100% paid parental leave upon eligibility.
- Company equity managed through Carta.
- 401k with match and 100% vesting upon hire.
- Flexible PTO in an environment where taking time off to relax or recharge is supported and encouraged.
- Take time off for holidays—and yes, your birthday counts too. Celebrate, relax, and recharge without thinking twice.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Sales Specialist driving cybersecurity solutions for TELUS, focusing on high - level client relationships and strategic sales growth in Quebec. Collaborative role with interdisciplinary teams for exceptional service.
Senior Cybersecurity Sales Specialist joining TELUS to elevate customer experience across Canada. Driving change and delivering results in the Montreal cybersecurity market through strategic consultation and account management.
Senior Security Engineer at ITC Federal developing and implementing internal security plans and compliance audits. Must have experience in system architecture design and risk assessments.
Tier 2 support specialist within Cyber Fraud Investigations at Enbridge. Responsible for detecting, investigating, and preventing fraudulent activity across digital channels.
IT Security System Administrator responsible for vulnerability detection and internal IT security at GovTech solutions company. Collaborating within IT team to enhance security infrastructure.
CISO managing the information security program at Sokin, a B2B financial services provider. Leading strategy, compliance, and security operations across global operations.
Personnel Security Specialist handling background investigations and security document management for government personnel security processes. Ensuring compliance with operational security requirements in a mission - driven environment.
Personnel Security Assistant providing customer service and administrative support for personnel security case processing. Reviewing forms, assisting applicants, and coordinating follow - ups based in Springfield, VA.
Personnel Security Specialist for FBI operations reviewing investigation documentation for accuracy and processing. Support background investigations and conduct security assessments for personnel qualifications.