Istari Digital - Customer Success Cybersecurity Engineer
Requirements
• Bachelor’s in Computer Science, Engineering, Information Security, or equivalent practical experience
• 3+ years of hands-on cybersecurity engineering, blue team, or security operations experience (adjust years for your level)
• Strong understanding of networks and protocols (TCP/IP, DNS, HTTP(S)/TLS, routing, VPN, firewalls, Zero Trust concepts)
• Practical experience with two or more: SIEM, EDR, IDS/IPS, WAF, CSPM/CIEM, vulnerability scanners, SAST/DAST/SCA, PAM/IGA, PKI
• Cloud security experience in at least one major cloud (AWS/Azure/GCP): IAM, network security, KMS, logging/monitoring, security services
• Proficiency in scripting/automation (e.g., Python, Bash, PowerShell) and exposure to IaC/Config management (Terraform, CloudFormation, Ansible)
• OS administration and hardening (Windows, Linux, macOS) and endpoint security fundamentals
• Familiarity with MITRE ATT&CK, common attack techniques, and modern detection strategies
• Experience participating in incident response and writing/runbook-level documentation
• Knowledge of cryptography basics (encryption at rest/in transit, key rotation, cert management)
• Clear communication skills and ability to partner with cross‑functional teams
• Must be a US citizen living within the United States.
• Must have approved Commercial Personnel Certification in alignment with DoD Cyberspace Workforce Framework (DCWF)
• CompTIA Network+, CND, etc., or
• A qualifying Academic Degree/Education Certificate
• Understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC.
• DevSecOps experience embedding security into CI/CD, artifact signing, and SDLC governance
• Container/Kubernetes security (admission controls, runtime policies, image scanning)
• Data protection and privacy controls (DLP, tokenization, data classification)
• Identity security (SSO/MFA, conditional access, PAM, IGA) and Zero Trust architectures
• Threat intelligence integration and use-case development; basic digital forensics
• SOAR playbook design and automation; custom detections and log enrichment
• Experience with regulatory environments (e.g., healthcare, fintech, government)
• Contributions to security architecture reviews and risk assessments at scale
• Certifications a plus: Security+, GSEC, GCIH, GCIA, GCED, CISSP, CCSP, CCSK, OSCP, AZ‑500, SC‑100, AWS Security Specialty
• Experience with tools such as Splunk/Microsoft Sentinel, CrowdStrike/Defender, Qualys/Nessus, Burp/ZAP, Prisma/Aqua/Twistlock, Trivy, Checkov/tfsec, Vault/KMS, Okta/Azure AD, Palo Alto/Fortinet, Elastic
• Active TS Security Clearance.
Responsibilities
• Lead security design and threat modeling for new and existing systems (cloud, application, data, network)
• Implement and manage core controls: IAM/SSO, least privilege, network segmentation, encryption and key management, secrets management, endpoint and email security
• Build and operate detection and response capabilities: SIEM/EDR/SOAR, log pipelines, alert tuning, use-case development, threat hunting
• Own vulnerability remediation: scanning, triage, risk-based prioritization, remediation with product/IT teams, tracking to closure
• Strengthen application and cloud security: SAST/DAST/SCA, secure SDLC, CI/CD guardrails, IaC scanning, container/Kubernetes runtime protections, CSPM/CIEM
• Coordinate and support security testing: internal reviews, penetration tests, red/purple team, tabletop exercises; drive remediation and lessons learned
• Lead/participate in incident response: triage, containment, eradication, recovery, forensics, root-cause analysis, post-incident reports and runbooks
• Define and maintain security standards, baselines, hardening guides, and architecture diagrams
• Monitor and report security metrics, KPIs/KRIs, and risk posture to stakeholders
• Support audits and compliance efforts (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA) and align controls to frameworks (NIST CSF, CIS Controls)
• Conduct third‑party/vendor security reviews and support contract/security requirements
• Drive security awareness initiatives and phishing simulations; mentor engineers on secure practices
• Contribute to business continuity and disaster recovery planning and testing
• Automate repetitive tasks and integrations to improve scale and reliability
Benefits
• We offer highly competitive benefits, including:
• Health and Family
• Medical/Dental/Vision
• Employee Premiums are 100% Company Paid
• Life Insurance
• Flexible Work Hours
• Unlimited Paid Time Off (PTO) with federal government holidays
• Company Stock Options
• Home Office Setup Budget
• Reimbursement for approved trainings and subscriptions
• Conferences (travel, lodging, and fees)
• Note - some benefits are not available to interns or contractors.
• Thank you for your interest in Istari. Expect to hear back from us soon with next steps.