Buyers Edge Platform: the leading foodservice Digital Procurement Network, powered by data, software, and collaboration.
Senior Security Engineer
Location: United States
Posted: 18 days ago
Salary: 0
Seniority: Senior
Job Description
- Implement security scanning into existing CI/CD workflows.
- Engineer, implement, and monitor security measures for the protection of restricted company data.
- Assist department heads with creating secure and compliant workflows.
- Using vulnerability management, work with system owners to remediate discovered vulnerabilities.
- Manage and maintain our vulnerability management solution.
- Build and maintain detection and response systems such as a SIEM.
- Conduct risk assessments and define required security controls.
- Develop and maintain security policies.
- Provide security expertise to development teams.
- Analyze business needs, research, and recommend solutions.
- Occasional after-hours work.
- Work with MDR services to respond to incidents and document incidents.
Job Requirements
- Four-year degree in Computer Science, Information Systems, Engineering, Information Security or equivalent
- 5+ years’ experience in a security-related position, with at least 2 years in a SaaS environment
- 2+ years administering systems
- 2+ years working with Amazon Web Services in production environments.
- Familiar with NIST CSF, NIST 800-53, and ISO27001 frameworks.
- Basic understanding of PCI-DSS
- Solid understanding of OWASP
- Experience working in a SOC2 environment
- Good understanding of security benchmarking such as CIS Standards
- Understanding of at least one scripting language such as Bash, Python, Perl, Go or Ruby
- Experience with security monitoring tools: SIEM, vulnerability management, and IDS
- Experience with prevention systems: IPS, EDR, WAF, and next-gen firewalls
Benefits
- Great benefits from day one. We offer medical, dental, vision, FSA, company-paid life insurance, and more—plus a 401(k) with company match.
- Grow with us. Enjoy strong training, development, and competitive pay.
- Work-life balance. Our flexible PTO policy lets you take time when you need it—no accrual required.
More Security Engineer Jobs
Senior Cybersecurity Engineer
phia, LLC
Trusted with solving the complex challenges facing our connected world
Role Description
phia is hiring a Senior Cybersecurity Engineer (Cloud Security) to support cyber defense engineering and operations at a large Federal agency. This role will provide technical expertise for hybrid, multi-cloud environments, focusing on security configuration hardening, integration, and automation, to protect assets, data, and identity. These efforts will enable proactive threat & fraud detection and mitigation, and continuous policy compliance assessment. This position offers REMOTE work flexibility, while primary customer locations include the Fairfax, VA and Raleigh, NC areas. Qualified candidates must be U.S. Citizens and located in the United States. The position requires Public Trust security vetting approval.
What You’ll Do
- Security Posture & Compliance Automation: Design and implement automated compliance assessments to enforce hardening standards (CIS, NIST) across cloud accounts and on-premises virtualized environments.
- Asset & Data Security: Architect and maintain the security of our sprawling asset inventory. Implement data-at-rest and data-in-transit encryption strategies that span from physical data center servers to cloud-native storage.
- Identity & Fraud Mitigation: Develop and secure the "Identity Fabric" linking 600k+ employees and millions of commercial customers. Collaborate with Fraud teams to integrate signals from SIEM and Databricks to detect and block malicious account activity.
- Hybrid Engineering: Build and manage secure connectivity (Transit Gateways, Service Mesh) between on-premises hypervisors and multi-cloud environments, ensuring consistent policy enforcement.
- Threat Detection & Response: Partner with the SOC to develop high-fidelity detection logic. Build SOAR playbooks that automate the isolation of compromised cloud workloads or on-premises VMs.
- Efficacy Assessment: Support ongoing "Purple Team" exercises and control testing to validate that security tools (EDR, WAF, DLP) are performing as intended across all tenants.
- AI/ML Security Governance (Adversarial Defense): Establish security guardrails for the enterprise’s internal and customer-facing AI models. This includes protecting Databricks training pipelines from data poisoning and implementing mitigations for LLM-specific threats like prompt injection and sensitive data leakage.
- Hyper-Automation of Security Operations: Drive the transition from manual "click-to-operate" security to Autonomous Security Operations. This involves building advanced SOAR playbooks that use ML-based triggers to perform auto-remediation across hybrid environments without human intervention.
- Business Process Streamlining: Partner with business units to integrate security "invisibly" into their workflows. Use automation to reduce "security friction" in logistics and retail operations, ensuring that compliance checks (like PCI or SOC2) are performed continuously and programmatically.
- AI Asset Management: Discover and catalog "Shadow AI" usage across the enterprise, ensuring all third-party AI tools meet the enterprise’s privacy and security standards. Communicate findings and insights clearly to technical and business stakeholders.
Qualifications
- Expert-level knowledge of security architectures in AWS, Azure, and Google Cloud.
- Mastery of Terraform, Ansible, or CloudFormation to deploy and manage security configurations at massive scale.
- Ability to leverage Databricks to perform deep-dive analysis on billions of logs for threat hunting and efficacy reporting.
- Experience securing Kubernetes (EKS/AKS/GKE) and Docker environments, focusing on runtime protection and image integrity.
- Proficiency with OAuth 2.0, SAML, and CIAM solutions for large-scale customer and employee authentication.
- Proficiency in using Python (PySpark/Pandas) within Databricks to build custom anomaly detection models that go beyond standard SIEM correlation rules.
- Knowledge of the OWASP Top 10 for LLMs and experience implementing AI gateways or "firewalls" to monitor and filter AI-generated traffic.
- Deep expertise in building "glue code" that connects disparate COTS and custom applications via secure, automated APIs to streamline cross-functional business activities.
- The ability to explain to non-technical stakeholders how AI-driven security decisions are made and how to handle "false positives" at scale.
- A relentless focus on identifying repetitive manual tasks and replacing them with self-healing, automated systems.
Requirements
- Bachelor’s and/or Master’s degree preferred, but can be substituted with significant experience.
- 8+ years of relevant experience (cybersecurity architecture & engineering).
- 4+ years focused on large-scale cloud or hybrid environments.
Preferred Skills
- Demonstrated AI or Machine Learning expertise applied to solve security or operational scaling problems.
- Demonstrated experience managing environments with 10,000+ workloads and high-availability requirements for retail/commercial applications.
- Experience with Databricks and Splunk (cloud data integration, analytics, etc.).
Certifications (preferred)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- GIAC Public Cloud Security (GPCS)
- GIAC Cloud Security Automation (GCSA)
- Amazon Web Services (AWS) Certified Security – Specialty
- Google Professional Cloud Security Engineer
- Microsoft Certified: Azure Security Engineer Associate
Security Clearance/Vetting
- U.S. Citizenship required
- Ability to complete Public Trust vetting
Role Description
Join our team as a Security Engineer working within an agentic SOC environment. This role is designed for someone who is ready to grow beyond traditional analyst responsibilities and move deeper into security engineering, automation, cloud security, detection engineering, and AI-assisted security operations. You will help build, operate, and improve a modern SOC that uses automation, agentic workflows, AI-assisted investigation, and security engineering practices to improve detection, triage, response, and overall security visibility. This is a hands-on role for someone who enjoys solving technical problems, improving systems, and building security capabilities rather than only monitoring alerts. The ideal candidate has 2–3 years of cybersecurity experience, a strong SOC foundation, hands-on AWS knowledge, Python proficiency, and experience working with SIEM data and log pipelines. We are looking for someone motivated, curious, and eager to grow into a stronger security engineer within a modern, engineering-driven SOC model.
Responsibilities
- Build, maintain, and improve security workflows, integrations, detection processes, and operational tooling within an agentic SOC.
- Work with automation, AI-assisted workflows, and agent-based capabilities that support alert triage, investigation, enrichment, and response.
- Help design, configure, maintain, and troubleshoot log ingestion flows into the SIEM from AWS, applications, infrastructure, endpoint tools, and security platforms.
- Create, tune, and maintain detection rules, alert logic, dashboards, playbooks, and investigation workflows.
- Develop Python scripts and automations for alert enrichment, data processing, reporting, workflow improvement, and security operations support.
- Support cloud security logging, monitoring, IAM reviews, and cloud detection use cases.
- Review, analyze, and correlate security alerts and logs to identify suspicious activity and support investigations.
- Assist with security event investigations, escalation, containment, remediation, and post-incident improvements.
- Help improve SOC processes, playbooks, detection coverage, documentation, and response workflows.
- Partner with security, cloud, IT, and engineering teams to improve visibility, reduce risk, and strengthen security operations.
Qualifications
- 2–3 years of experience in cybersecurity, SOC operations, security engineering, cloud security, detection engineering, or incident response.
- Working knowledge of AWS services, cloud security fundamentals, logging, monitoring, IAM, and basic cloud architecture.
- AWS entry-level certification required at minimum, such as AWS Certified Cloud Practitioner. AWS Solutions Architect – Associate or AWS Security Specialty is a plus.
- Hands-on proficiency with Python for scripting, automation, data processing, security tooling, or workflow development.
- Experience working with SIEM platforms, including log ingestion, parsing, alerting, dashboards, and detection logic.
- Experience building, maintaining, or troubleshooting log flows from applications, infrastructure, AWS services, endpoint tools, or security platforms into a SIEM.
- Strong understanding of SOC workflows, alert triage, investigation, escalation, and incident response processes.
- Ability to help develop, tune, and improve detections based on logs, threat behavior, and operational needs.
- Familiarity with agentic concepts, agentic frameworks, AI-assisted workflows, autonomous or semi-autonomous agents, and practical security operations use cases.
Nice to Have
- Hands-on exposure to LLMs, AI agents, agentic workflows, or AI-assisted security operations.
- Experience with Sigma, SPL, KQL, SQL, YARA, or similar detection/query languages.
- Familiarity with Terraform, CloudFormation, CDK, or similar tools.
Compensation Information
Compensation Range: $100,000-$150,000.
The range represents total compensation, and may include incentive for sales roles, equity or benefits, as applicable. This compensation range represents Cyera’s good faith and reasonable estimate of the range of possible compensation for this role at the time of posting, and Cyera may ultimately pay more or less than the posted range. The final salary for this position will be determined in Cyera’s sole discretion, consistent with applicable law, and based on a variety of factors, including but not limited to the employee’s work experience, skills, and qualifications for the role, as well as the needs of Cyera’s business and other operational considerations. Final compensation will vary based on seniority and relevance of experience, location, and position requirements. This role may be eligible for potential merit increases based on factors such as individual or company performance, time in role, and other discretionary factors.
Benefits
- Ability to work remotely, with office setup reimbursement.
- Competitive salary.
- Unlimited PTO.
- Paid holidays and sick time.
- Health, vision, and dental insurance.
- Life, short and long-term disability insurance.
Product Security Engineer III
GitHub, Inc.
GitHub is the world’s leading AI-powered developer platform with 150 million developers and counting. We’re also home to the biggest open-source community on earth (and 99% of the world’s software has open-source code in its DNA). Many of the apps and programs you use every day are built on GitHub. Our teams are dreamers, doers, and pioneers, leading the way in AI, driving humanitarian efforts around the globe, and even sending open source to Mars (and beyond!). At GitHub, our goal is to create the space you need to do your best work. We’re remote-first and offer competitive pay, generous learning and growth opportunities, and excellent benefits to support you, wherever you are—because we know that people flourish when they can work on their own terms. Join us, and let’s change the world, together.
Role Description
GitHub is transforming how the world builds secure software, and we are looking for a Product Security Engineer III to join our Product Security Engineering team. This is a hands-on engineering role focused on building internal security platforms, tooling, and automation that protect GitHub's products at scale.
- Design, build, and maintain security tooling and automation, including static analysis pipelines, secret scanning workflows, and dependency analysis systems.
- Contribute to scalable solutions that reduce recurring vulnerability patterns, focusing on preventing classes of vulnerabilities rather than addressing individual instances.
- Build and improve agentic security tooling for automated triage, assessment, and remediation of security findings.
- Develop security libraries, CI/CD integrations, and developer-facing tools that make the secure path the default path for engineering teams.
- Contribute to supply chain security defenses, building detection and prevention systems that protect GitHub's software supply chain.
- Collaborate with teams across the organization to address security risks and define new requirements and feature sets.
- Analyze key metrics and KPIs to identify trends in security issues, evaluate the effectiveness of security tooling and automation, and recommend improvements to address gaps in measurement.
Qualifications
- 5+ years experience in security analysis, security research, cyber security, security engineering, or relevant area OR Associate's Degree in a related field AND 4+ years experience in security analysis, security research, cyber security, security engineering, or relevant area OR Bachelor's Degree in a related field AND 3+ years experience in security analysis, security research, cyber security, security engineering, or relevant area OR Master's Degree in a related field AND 1+ year(s) experience in security analysis, security research, cyber security, security engineering, or relevant area OR equivalent experience.
- 1+ year(s) of experience in building security tooling and implementing solutions in complex environments.
- 3+ years experience programming in at least 2 of these 3 coding languages: Ruby, Go, Python.
Requirements
- Experience with static analysis tools (SAST/DAST), code scanning frameworks, or custom rule authoring.
- Experience building agentic or AI-driven security tooling (e.g., automated triage, classification, or remediation).
- Familiarity with software supply chain security concepts and tooling.
- Experience working in large-scale monolith or distributed service codebases.
- Familiarity with GitHub's products, platform, and developer ecosystem.
- Strong expertise in security principles, including the Security Development Lifecycle (SDL), and experience in vulnerability management.
Benefits
- The base salary range for this job is USD $107,700.00 - USD $285,900.00 /Yr.
- Eligible for benefits and additional rewards, including annual bonus and stock.
- Rewards are allocated based on individual impact in role.
- Opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role.
- Provides professional contributions to assist in achieving and maintaining security accreditation for CMRE systems and applications, data acquisition, processing and storage, and their interfacing with other CIS, across the life cycle (development, implementation, operation, enhancement, withdrawal from service).
- Within a project structure, advises on cost-effective countermeasures to minimize the security risks anticipated during the development and operation phases of the CIS life cycle.
- Within a framework of security accreditation, implements and operates the prescribed security controls under the supervision of the CIS Provider and under the control of Security Staff.
- Documents the architecture, configuration and security posture of CIS in use within CMRE to inform the risk management activities of the Security Organization.
- Implements security best practices and security controls, under the supervision of the CIS Provider.
- Plans, implements and upgrades CIS.
- Analyses security breaches to determine their root cause.
- Contributes to defining, implementing and maintaining corporate security policies.
- Supervises and manages Technical Teams as required.
- Undertakes security testing, in accordance with an agreed Security Testing & Verification (ST&V) Plan.
- Supports the CIS Provider in the formulation of Security Operating Procedures (SecOPs) for the CIS.
- Contributes to the maintenance of configuration baselines through configuration management and change control.
- Supports the CIS Provider in undertaking periodic vulnerability assessments, under the control of Security Staff and in accordance with the requirements of the Security Accreditation Authority.
- Provides regular training and awareness to other project staff.
- Supports periodic security audits performed by Security Staff and the Security Accreditation Authority.




