Teaching and research role in Cybersecurity and AI at De Vinci School. Engaging in course design and research projects in a collaborative academic environment.
About the role
- Senior Security Engineer protecting sensitive financial data and transaction platforms against cyber threats. Leading security measures and compliance within financial industry regulations.
Responsibilities
- Reduce third-party risk exposure: improve our current third-party risk assessment process to identify high-risk vendors using AI tools or automation.
- Implement comprehensive security logging and monitoring: ensure complete logging coverage across critical systems and deliver dashboards and metrics. Manage our SIEM, creating and responding to alerts.
- Create, maintain, and update company policies. Work with auditors during the annual SOC 2 audit.
- Improve our vulnerability and patch management: Create secure configuration baselines for servers, endpoints, and cloud.
- Awareness training: Create a full-year program that includes phishing campaigns and awareness training.
- Design and Implement Security Controls: Design, implement, and maintain security tools and technologies, including SIEM, EDR, firewalls, IDS/IPS, and DLP, to protect sensitive data.
- Incident Response and Threat Detection: Lead threat detection efforts, incident response, and forensic investigations.
- Vulnerability Management: Perform threat modeling and static/dynamic vulnerability assessments, and develop and implement remediation strategies for identified flaws (e.g., OWASP Top 10).
- Compliance and Auditing: Ensure compliance with regulations and frameworks. Participate in audits and provide necessary evidence and remediation plans.
- Secure Development Lifecycle (SDLC): Collaborate with engineering and DevOps teams to integrate security into CI/CD pipelines and promote secure coding best practices.
- Automation and Scripting: Develop automated solutions and use scripting (Python, PowerShell, Bash) to streamline security operations and monitoring processes.
- Mentorship and Leadership: Provide technical direction and mentorship to junior team members, helping foster a strong, organization-wide security awareness culture.
Requirements
- Experience: 5+ years of experience in a dedicated information security engineering role, preferably within the financial services or a highly regulated industry.
- Technical Expertise: Strong working knowledge of network security fundamentals (TCP/IP, UDP, HTTP), cloud security models (AWS/GCP), and identity and access management (IAM, SSO, MFA).
- Tools and Technologies: Hands-on experience with enterprise security tools, including SIEM platforms, vulnerability scanners, and EDR solutions.
- Regulatory Knowledge: Deep understanding of cybersecurity frameworks such as NIST CSF, and the MITRE ATT&CK framework.
- Problem-Solving: Excellent analytical and problem-solving skills, with the ability to translate complex technical concepts into clear, actionable recommendations for various stakeholders.
- Certifications: Relevant security certifications are highly desirable, such as CISSP, CISM, or GIAC.
- Education: Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field.
Benefits
- Competitive salary.
- Hybrid work arrangement if located in the Phoenix or New York area; otherwise, fully remote.
- Excellent medical, dental, and vision insurance options, with low-cost premium structures that demonstrate our commitment to offering great value to our employees.
- 100% company-paid basic life insurance, short-term and long-term disability insurance.
- 100% paid parental leave upon eligibility.
- Company equity managed through Carta.
- 401k with match and 100% vesting upon hire.
- Flexible PTO in an environment where taking time off to relax or recharge is supported and encouraged.
- Take time off for holidays—and yes, your birthday counts too. Celebrate, relax, and recharge without thinking twice.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Apprentice Fire and Security Engineer installing, commissioning, and maintaining electronic protection systems for Johnson Controls. Collaborating in a team - based environment and gaining hands - on experience in fire and security technology.
Construction Site Superintendent overseeing construction projects for Johnson Controls, ensuring timely completion and adherence to project scope, budget, and schedule. Collaborating with teams and managing site activities in the United States.
Senior Security Architect providing security consulting and risk assessment at The Missing Link. Leading initiatives in security architecture and technology risk support within a hybrid work environment.
Data Protection Security Engineer at Fiserv designing, implementing, and maintaining cybersecurity solutions. Collaborating with teams to safeguard client information and ensure regulatory compliance.
Senior Manager IAM Metric Insights managing metrics and performance in Identity and Access Management. Delivering insights and reporting to enhance security posture for RBC's Global Security team.
HSE Technician I in TechnipFMC's HSE team promoting and supporting an HSE culture. Assisting with investigations, conducting audits, and maintaining safety documentation.
Information Security Officer creating security policies and managing security teams to protect Paytient. Collaborating with internal and external teams to ensure compliance and security posture.
Supplier Manager focused on Microsoft Security products at Arrow. Develops strategies to enhance sales and market share while collaborating with Microsoft and sales teams.
IT Infrastructure and Security Administrator at B&O Bau, managing IT security and infrastructure. Collaborating on innovative projects across multiple German locations.