Digital Executive Protection for executives, high-profile, high-net-worth & ultra-high-net-worth individuals & families.
CyberSecurity Engineer, Identity Protection – Tier 3
Location: United States
Posted: 39 days ago
Salary: $110K - $130K / year
Seniority: Senior
Job Description
BLACKCLOAK
- Deploy and configure Endpoint Detection and Response (EDR) agents across client environments. Customize detection policies to minimize false positives and ensure seamless client business operations.
- Analyze EDR telemetry to detect "living off the land" attacks and anomalies that traditional antivirus would miss.
- Actively monitor client endpoints for malicious indicators. When threats are detected, immediately isolate compromised devices and communicate the scope of the incident to the customer and cross-functional teams supporting the customer.
- Generate monthly executive summaries for clients detailing blocked attacks, health status, and ROI on their security investment.
- Schedule and run next-gen vulnerability scans on client networks and execute penetration tests as applicable against client assets. Review the results with the client (or their IT point of contact), prioritize critical patches, and verify their remediation.
- Monitor for threats and vulnerabilities specific to “Smart Home” and Internet of Things (IoT), alert impacted clients, and assist clients in the hardening of their home networks and IoT devices.
- Proactively monitor the Dark Web and criminal forums for our clients' compromised credentials, leaked intellectual property, or domain spoofing.
- Work with cross-functional teams to alert clients immediately upon discovery of leaked data and provide specific instructions on changing passwords or locking down accounts.
- Manage the credit monitoring platform, and alert clients to changes in credit scores, new credit inquiries/accounts and other identity alerts that could indicate fraudulent activity.
- In conjunction with Client Success Managers, serve as the dedicated case manager for confirmed identity theft incidents. Handle the end-to-end resolution process so the client does not have to navigate the bureaucracy alone.
- Assist in the restoration of compromised accounts, including synthetic identity fraud, medical identity theft, and tax refund fraud.
- Actively hunt for client PII on people-search sites and data broker databases. Manage the "opt-out" and removal process to minimize their public attack surface.
- Identify repetitive manual tasks (e.g., alert triage, monthly reporting, initial containment) and build SOAR playbooks or scripts (Python/PowerShell) to automate them.
- Evaluate and implement AI-driven tools to enhance threat detection accuracy. Utilize Machine Learning features within our stack to reduce "alert fatigue" and false positives.
- Continuously assess our toolset's architecture. Optimize API integrations between our Identity platforms, EDR, and ticketing systems to ensure we can handle increased client volume without linear headcount growth.
- Conduct "Post-Mortem" reviews after incidents or complex identity cases to identify process gaps, updating standard operating procedures (SOPs) to be faster and smarter next time.
- Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.
- Develop custom scripts, tools, or methodologies to enhance our Incident Response processes.
- Develop comprehensive and accurate reports of forensic findings and Incident Response activities for both technical and executive audiences.
- Be part of an on-call rotation and escalation team.
- Participate in knowledge transfer sessions, product training and other strategic initiatives as needed.
- Maintain working knowledge of BlackCloak’s solutions, platform features and best practices.
- Mentor and support Client Success and Security Team Members.
- Work closely with the engineering and product teams to continuously improve BlackCloak products.
- Perform research and development on the latest cyber security attack and defense trends.
- Work with the sales team to do technical demonstrations and provide subject matter expertise.
- This position will require occasional time on nights and weekends to address client incidents, emergency onboardings and issues.
Job Requirements
- 3-5+ years of experience in Cybersecurity, Fraud Analysis, or Security Engineering
- A college degree in an Information Technology (IT/CS/CE) related discipline is a plus, with equivalent experience also considered
- Industry recognized information security certifications a plus:
  - CISSP
  - CCSP
  - CFCE
  - GIAC
  - OSCP
  - OSCE
  - Security+
  - CEH
- Penetration and vulnerability testing experience
- Windows and macOS forensic investigation and vulnerability management experience
- Experience in deploying, managing, and optimizing EDR tools to effectively detect, respond to, and mitigate threats
- Being able to correlate assets across multiple systems to ensure operational clarity and coverage is a must.
- Experience developing detection alerting using automation, orchestrating detection logic to trigger responses, and developing efficient security workflows.
- Experience with client service, communicating complex technical concepts, and a strong analytical mind required.
- Technical knowledge of operating systems such as Windows, macOS, iOS, Android, Linux
- Solid understanding of the US Credit System (Bureaus, FICO, FCRA rights).
- Experience managing identity monitoring platforms (alerts on Credit, SSN, PII)
- Operate independently and efficiently to manage multiple tasks and priorities simultaneously and successfully
- High degree of interpersonal communication skills and discretion for client privacy
Benefits
- 100% Remote Company, within the USA
- Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.
- Health Savings Account with company contribution for eligible medical plans.
- Flexible Vacation Plan
- 10 Paid Company Holidays
- 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance
- 401k with Traditional and Roth options, including employer match.
- Company Equity
- Paid Parental and Pregnancy Recovery Leave
- Company and team off-sites and virtual events throughout the year
- Home office stipend



