46 applicantsPosted by Agency

This job has closed.

Company

Original Job Post

Rangam · 2 days ago

Senior Cyber Security Engineer

St Paul, MN

Contract

Hybrid

Senior Level

8+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ConsultingInformation Technology

H1B Sponsorship

Actively Hiring

Hiring Manager

Nirav Soni

Insider Connection @Rangam

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Define and develop processes and methodologies for designing secure systems

Engage with teams to conduct security risk assessments and conform to organizational remediation/mitigation timelines in different phases of the secure product development lifecycle

Provide product security support to development teams, including reviewing and explaining security tools and processes, providing vulnerability explanations and remediation guidance

Optimize product/system security by creating and reviewing architecture and detailed design solutions that reflect best practices

Coordinate product security program metrics and reporting

Support ongoing vulnerability and patch management through tracking, triaging and prioritizing across all products to minimize the potential security risk

Help drive system and product requirements to meet the regulatory and compliance requirements (like GDPR, ISO, ISA/IEC, SOC2, FedRAMP)

Assist with training and mentoring of security champions

Partner with third-party vendors to deliver software security tools and services

Provide expert consultation on application security requirements and best practices with vulnerability scanning and secure application design

Partner closely on security operations tasks with cross-functional teammates in IT, DevOps, Engineering, Compliance, and Test

Manage 3rd party partners and vendors supplying cybersecurity-related services

Identify the design implications within a platform and system and work with teams to minimize vulnerabilities

Influence program decisions to reduce the risk exposure of the company

Participate in Zero-day remediation, Hotfixes, and Incident Response efforts

Identify and review test coverage for the security aspects of the system

Assist in responses to external audits, customer questionnaires, penetration tests and vulnerability assessments

Self-motivated to stay engaged with the market on new security products, threats and vulnerabilities and to apply innovative approaches in technology, marketing and service operations to meet those needs.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Software DevelopmentEngineering ExpertiseSecurity ArchitectureThreat ModelingRisk AssessmentPenetration TestingOperational TechnologyOpenSSLPKIDevSecOps PrinciplesCloud-Native ArchitectureOWASP Top 10NIST StandardsGDPR ComplianceProblem-SolvingSelf-MotivatedCommunicationDISA STIG assessmentLinux systemsWindows systemsSecurity certificationsGICSPGCLDGSOCGDSA

Required

Bachelor's or Master's degree in Computer Science, Electrical Engineering or similar engineering discipline with an emphasis on cyber security

8+ years of cumulative experience in software development and engineering expertise in Application, Network, Cloud, Mobile, IoT, ICS, Embedded systems, APIs

5+ years of expertise in Product Security, Security Architecture and Security Assessment: Threat Modeling, Secure Development, Risk Assessment, Threat Analysis, DFMEA, Penetration testing, SDLA tools

Strong understanding of operational technology principles, concepts, and techniques

Strong knowledge of current security threats, techniques, and landscape, as well as a self-motivated desire to research current in the cybersecurity landscape

Strong knowledge of OpenSSL, TLS mutual authentication, PKI, digital signatures, and certificate management

Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis following current and emerging threats

Implementation experience or knowledge of security controls

Should have good knowledge of security containers, hands-on experience with DevSecOps principles, and a good handle on end-to-end DevSecOps processes

Technical understanding of cloud-native architecture and engineering best practices (AWS, Azure, Google Cloud)

Working experience with OWASP Top 10 for web applications

Knowledge of penetration testing techniques, application security vulnerabilities, OWASP Top 10, SANS 25, CWE, etc

Knowledge of Security Industry Standards and Frameworks: e.g., NIST, ISA/IEC, GDPR, SOC2

Excellent verbal and written communication skills, with the ability to communicate to all levels of the organization

Preferred

Familiar with DISA STIG assessment and implementation for Linux and/or Windows systems

Desirable security certification(s): GICSP, GCLD, GSOC, GDSA, or any other relevant certifications

Company

Rangam

Rangam is a global, innovative, total talent management firm with a mission to accelerate meaningful employment for everyone.

Founded in 1995

Somerset, New Jersey, USA

501-1,000 employees

https://rangam.com/

H1B Sponsorship

Rangam has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2023 (3)

2022 (5)

2021 (3)

2020 (7)