Cyber Security Engineer

Basic Function

The Cyber Security Engineer safeguards corporate and public cloud environments that host financial services platforms. This role monitors and evaluates threats to a cloud-hosted digital banking solution, identifying vulnerabilities across applications, networks, and systems. They design, implement, and maintain technical security controls to protect sensitive data and ensure compliance with industry standards. Additionally, the Cyber Security Engineer manages incident response efforts, handling threat detection, containment, eradication, and recovery. This role also supports risk management, compliance, and audit functions, continuously improving the organization’s security posture and information assurance.

Essential Functions and Responsibilities:

Develop and improve monitoring, reporting, and alerts to identify and address threats using research, security tools, scripting, and data analysis

Develop and maintain threat models to prioritize risk management activities

Manage vulnerability scanning and penetration testing tools to detect weaknesses across multiple environments

Collaborate with clients, auditors, vendors, and internal teams to assess and validate security posture across all environments and system layers

Investigate and verify reported vulnerabilities, resolving or assigning remediation as needed

Develop security strategies, scripts, and configurations to mitigate risks across cloud services, networks, and endpoints

Design, deploy, and manage security controls, including firewalls, intrusion detection, DLP, CASBs, and AV/EDR systems, with automation where feasible

Participate in security incident response, covering all phases from detection to resolution

Collect and document security program activities to support audits and client due diligence

Perform other duties as assigned

Position Specifications

Education: 

Associate Degree in Computer Science, Information Assurance, Cybersecurity, or a related field required, or equivalent combination of education and experience

Experience:

Three (3) years of experience in security engineering, software engineering, information technology, systems administration, or information assurance required

Two (2) years of experience designing and implementing security controls as a software, security, or systems engineer or similar role required

Experience with AWS, Linux, Kubernetes, Git, log aggregation platforms, issue tracking systems, and shell and Python scripting required

Knowledge, Skills, & Abilities:

Technical knowledge of cybersecurity tools, techniques, and procedures to identify and analyze threats and devise and monitor technology safeguards to protect sensitive assets

Ability to design and implement security controls across operating systems, containerization, orchestration, and networks (e.g., SELinux, auditd, iptables, Snort, Zeek)

Effective communicator with strong collaboration skills, able to coordinate vulnerability remediation and risk reduction

Professional demeanor with strong client orientation, earning trust inside and outside the organization

Sound judgment, confidentiality, and task prioritization skills when handling sensitive information

Ability to work remotely with high productivity, maintaining strong communication and collaboration

Commitment to continuous learning and professional growth, staying ahead of evolving security threats

Travel: 

Minimal, generally 12 days or less per year