BLACKCLOAK · 3 weeks ago
Security Engineer (Security Operations, Zero Trust)
BlackCloak is dedicated to protecting corporate executives and high-profile individuals from digital threats. The Security Engineer will be integral to the internal technology team, focusing on security operations, incident response, and implementing Zero Trust principles to enhance overall security posture.
Cyber Security, Information Technology, Privacy
Responsibilities
Security Operations & Incident Response (Primary)
Review, design, and implement new security tools; support administration across tools such as SIEM, EDR, CNAPP, Email Security, and others
Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team
Assist in development of new threat detections, playbooks, and automated response/remediation
Support triage and response of security alerts, as an escalation point from the broader team
Participate in supporting security on-call rotation
Zero Trust & Network Security (Secondary)
Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles
Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne and CrowdStrike, and to build secure hardening standards into MDM
Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as Google IdP, Okta, Auth0, and Zitadel
Mature Zero Trust alerts and controls across risk-based alerting, posture checks
Incorporation of Zero Trust principles into new programs and architecture designs
Application Security (Support)
Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools
Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training
Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture
Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings
Cloud & Infrastructure Security (Support)
Partner with Engineering and DevOps to secure GCP and AWS environments
Leverage Cloud Security tools such as CNAPP to remediate discovered misconfigurations and vulnerabilities and to triage Cloud Security alerts
Support development and implementation of secure infrastructure baselines, vulnerability management processes, secrets management, IAM, and hardening standards within the cloud environment
Incorporate shift-left security tests and controls into CI/CD pipelines
Help expand monitoring capabilities within tools such as SIEM and CNAPP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats
Qualifications
Required
3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment
Deep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAPP, Email Security, and SOAR tools
Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions
Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions
Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable
Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams
Ability to drive new projects, self-starter, with minimal supervision
A proactive, 'builder' mindset with a passion for improving processes, reducing risk
Preferred
Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform)
Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF
Familiarity with common application development languages such as Java or JavaScript
Understanding of system and architecture design principles, from code to cloud
Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA)
Benefits
100% Remote Company, within the USA
Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.
Health Savings Account with company contribution for eligible medical plans.
Flexible Vacation Plan
10 Paid Company Holidays
100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance
401k with Traditional and Roth options, including employer match.
Company Equity
Paid Parental and Pregnancy Recovery Leave
Company and team off-sites and virtual events throughout the year
Home office stipend
Company
BLACKCLOAK
BlackCloak is the Pioneer of Digital Executive Protection for corporate executives, family offices and private wealth individuals.
Funding
Current Stage: Growth Stage
Total Funding: $31.2M
Key Investors: The LegalTech Fund, Baird Capital, TDF Ventures
2025-03-25: Series Unknown · $0.5M
2024-09-17: Series B · $17M
2021-07-29: Series A · $11M
Company data provided by crunchbase