SBS CYBERSECURITY LLC

SBS CyberSecurity, LLC is an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, disability, or status of protected veteran. EEO/AA/M/F/Veteran/Disabled

Information Security Consultant

Security Engineer | Full Time | Remote | Mid Level | Team 51-200

Location

United States

Posted

13 days ago

Salary

$60K - $80K / year

Seniority

Mid Level

Job Description

Role Description

The Information Security Consultant is responsible for planning and implementing security measures to protect computer systems, networks, and data. This role requires staying up-to-date on the latest intelligence, including hackers' methodologies, technology and security trends, regulatory requirements, and vulnerabilities. The consultant must understand each client’s needs and provide tailored cybersecurity expertise, project management, program and documentation development, and decision-making regarding cybersecurity controls.

What to Expect

- Provide services such as IT Risk Assessment, IT Audit, Policy Development, Disaster Recovery/Business Continuity Planning, Incident response Planning, Security Awareness Training, IT Strategic Planning, Ransomware Assessment, etc.
- Support clients in integrating AI within current environments.
- Advise clients on developing and implementing robust information security strategies aligned with industry best practices.
- Assist and consult clients through regulatory IT examination processes.
- Participate in meetings to explain report findings.
- Convey technical knowledge to both technical and non-technical customers, including Senior Management and the Board of Directors.
- Facilitate project management within accounts through regular communication and relationship-building.
- Assist with IT Audits as necessary.
- Educate customers on SBS services processes, methodologies, and TRAC software modules.
- Adapt to changing needs, new regulations, and internal business efficiencies.
- Deliver reports and communications in a timely manner.

Qualifications

- Familiarity and experience with Security Frameworks including NIST, Cyber Risk Institute (CRI) and CIS Controls.
- Experience with Firewalls, IDS/IPS, SIEM solutions, and endpoint protection.
- Knowledge of VPNs, SSL/TLS, and secure architecture.
- Experience with vulnerability assessment and penetration testing processes.
- Understanding of Cloud Security best practices and experience with platforms like AWS, Azure, and Google Cloud.
- Experience with identity and access management solutions.
- Familiarity with Artificial Intelligence use case scenarios, AI prompt engineering, efficiency projects.
- Knowledge of incident response, business continuity, disaster recovery, backups and testing, pandemic preparedness.
- Understanding of encryption and data protection methods.
- Three years in Cybersecurity/Information Security Consulting, Audit, IT Managed Services, or equivalent educational qualifications.
- Graduate degree in Information Security, Information Assurance, Information Technology, or related fields. Bachelor’s degree in Computer Science, Information Systems, Network Security, Cyber Operations, Computer Engineering, or related fields.
- Preferred certifications include CISSP, CISM, or similar.
- Preferred experience with U.S.-based small to medium-sized Banking Institutions.
- Valid driver’s license required.

Requirements

- This position has no supervisory responsibilities.
- This is a full-time position requiring occasional travel.
- Days and hours of work are Monday through Friday, 8:00 a.m. to 5:00 p.m. Evening and weekend work may be required as job duties demand.
- Primarily remote-based with some travel required.

Benefits

- Be part of a company that makes its culture a priority.
- Enjoy a flexible and family-friendly environment with the benefit of working from home.
- Receive competitive wages and an excellent benefits package with many premiums paid for by the company.
- Be encouraged to continue growing in your profession with reimbursement for industry certifications and education.
- Work with a team that lives out core values of passion, compassion, innovation, and empowerment.

More Security Engineer Jobs

Security Engineer

Zensurance

Zensurance makes business insurance easy for Canadian entrepreneurs.

Full Time | Remote | Team 51-200 | H1B No Sponsor

• Support and maintain the company-wide information security program, including policies, standards, and guidelines.
• Facilitate IT risk assessments with business units and help define acceptable levels of residual risk.
• Monitor the external threat environment and advise stakeholders on emerging risks.
• Manage day-to-day threat and vulnerability management, including detection, response, and remediation.
• Coordinate incident management and support disaster recovery and business continuity planning.
• Liaise with engineering, IT, and enterprise architecture teams to embed security into system design and selection.
• Produce regular reporting and metrics on program effectiveness for leadership and stakeholders.
• Oversee security testing procedures and manage remediation of identified risks.
• Ensure audit trails and system logs comply with policy and audit requirements.
• Lead security awareness training across the organization.

Canada
$110K - $150K / year

Senior Security Engineer

Buyers Edge Platform

Buyers Edge Platform: the leading foodservice Digital Procurement Network, powered by data, software, and collaboration.

Full Time | Remote | Team 501-1,000 | H1B No Sponsor

• Implement security scanning into existing CI/CD workflows.
• Engineer, implement and monitor security measures for the protection of restricted company data.
• Assist department heads with creating secure and compliant workflows.
• Using Vulnerability Management, work with system owners to remediate discovered vulnerabilities.
• Manage and maintain our vulnerability management solution.
• Build and maintain detection and response systems such as a SIEM.
• Risk Assessments and defining required security controls.
• Develop and maintain security policies.
• Provide security expertise to development teams.
• Analyze business needs, research, and recommend solutions.
• Occasional after-hours work.
• Work with MDR Services to respond to incidents and document incidents.

United States

Senior Cybersecurity Engineer

phia, LLC

Trusted with solving the complex challenges facing our connected world

Full Time | Remote | Team 11-50 | Since 2011 | H1B No Sponsor

Role Description

phia is hiring a Senior Cybersecurity Engineer (Cloud Security) to support cyber defense engineering and operations at a large Federal agency. This role will provide technical expertise for hybrid, multi-cloud environments, focusing on security configuration hardening, integration, and automation, to protect assets, data, and identity. These efforts will enable proactive threat & fraud detection and mitigation, and continuous policy compliance assessment.

This position offers REMOTE work flexibility, while primary customer locations include the Fairfax, VA and Raleigh, NC areas. Qualified candidates must be U.S. Citizens and located in the United States. The position requires Public Trust security vetting approval.

What You’ll Do

- Security Posture & Compliance Automation: Design and implement automated compliance assessments to enforce hardening standards (CIS, NIST) across cloud accounts and on-premises virtualized environments.
- Asset & Data Security: Architect and maintain the security of our sprawling asset inventory. Implement data-at-rest and data-in-transit encryption strategies that span from physical data center servers to cloud-native storage.
- Identity & Fraud Mitigation: Develop and secure the "Identity Fabric" linking 600k+ employees and millions of commercial customers. Collaborate with Fraud teams to integrate signals from SIEM and Databricks to detect and block malicious account activity.
- Hybrid Engineering: Build and manage secure connectivity (Transit Gateways, Service Mesh) between on-premises hypervisors and multi-cloud environments, ensuring consistent policy enforcement.
- Threat Detection & Response: Partner with the SOC to develop high-fidelity detection logic. Build SOAR playbooks that automate the isolation of compromised cloud workloads or on-premises VMs.
- Efficacy Assessment: Support ongoing "Purple Team" exercises and control testing to validate that security tools (EDR, WAF, DLP) are performing as intended across all tenants.
- AI/ML Security Governance (Adversarial Defense): Establish security guardrails for the enterprise’s internal and customer-facing AI models. This includes protecting Databricks training pipelines from data poisoning and implementing mitigations for LLM-specific threats like prompt injection and sensitive data leakage.
- Hyper-Automation of Security Operations: Drive the transition from manual "click-to-operate" security to Autonomous Security Operations. This involves building advanced SOAR playbooks that use ML-based triggers to perform auto-remediation across hybrid environments without human intervention.
- Business Process Streamlining: Partner with business units to integrate security "invisibly" into their workflows. Use automation to reduce "security friction" in logistics and retail operations, ensuring that compliance checks (like PCI or SOC2) are performed continuously and programmatically.
- AI Asset Management: Discover and catalog "Shadow AI" usage across the enterprise, ensuring all third-party AI tools meet the enterprise’s privacy and security standards. Communicate findings and insights clearly to technical and business stakeholders.

Qualifications

- Expert-level knowledge of security architectures in AWS, Azure, and Google Cloud.
- Mastery of Terraform, Ansible, or CloudFormation to deploy and manage security configurations at massive scale.
- Ability to leverage Databricks to perform deep-dive analysis on billions of logs for threat hunting and efficacy reporting.
- Experience securing Kubernetes (EKS/AKS/GKE) and Docker environments, focusing on runtime protection and image integrity.
- Proficiency with OAuth 2.0, SAML, and CIAM solutions for large-scale customer and employee authentication.
- Proficiency in using Python (PySpark/Pandas) within Databricks to build custom anomaly detection models that go beyond standard SIEM correlation rules.
- Knowledge of the OWASP Top 10 for LLMs and experience implementing AI gateways or "firewalls" to monitor and filter AI-generated traffic.
- Deep expertise in building "glue code" that connects disparate COTS and custom applications via secure, automated APIs to streamline cross-functional business activities.
- The ability to explain to non-technical stakeholders how AI-driven security decisions are made and how to handle "false positives" at scale.
- A relentless focus on identifying repetitive manual tasks and replacing them with self-healing, automated systems.

Requirements

- Bachelor’s and/or Master’s degree preferred, but can be substituted with significant experience.
- 8+ years of relevant experience (cybersecurity architecture & engineering).
- 4+ years focused on large-scale cloud or hybrid environments.

Preferred Skills

- Demonstrated AI or Machine Learning expertise applied to solve security or operational scaling problems.
- Demonstrated experience managing environments with 10,000+ workloads and high-availability requirements for retail/commercial applications.
- Experience with Databricks and Splunk (cloud data integration, analytics, etc.).

Certifications (preferred)

- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- GIAC Public Cloud Security (GPCS)
- GIAC Cloud Security Automation (GCSA)
- Amazon Web Services (AWS) Certified Security – Specialty
- Google Professional Cloud Security Engineer
- Microsoft Certified: Azure Security Engineer Associate

Security Clearance/Vetting

- U.S. Citizenship required
- Ability to complete Public Trust vetting

United States

Security Engineer

Cyera

The first true data security platform is here.

Full Time | Remote | Team 201-500 | H1B No Sponsor

Role Description

Join our team as a Security Engineer working within an agentic SOC environment. This role is designed for someone who is ready to grow beyond traditional analyst responsibilities and move deeper into security engineering, automation, cloud security, detection engineering, and AI-assisted security operations. You will help build, operate, and improve a modern SOC that uses automation, agentic workflows, AI-assisted investigation, and security engineering practices to improve detection, triage, response, and overall security visibility. This is a hands-on role for someone who enjoys solving technical problems, improving systems, and building security capabilities rather than only monitoring alerts.

The ideal candidate has 2–3 years of cybersecurity experience, a strong SOC foundation, hands-on AWS knowledge, Python proficiency, and experience working with SIEM data and log pipelines. We are looking for someone motivated, curious, and eager to grow into a stronger security engineer within a modern, engineering-driven SOC model.

Responsibilities

- Build, maintain, and improve security workflows, integrations, detection processes, and operational tooling within an agentic SOC.
- Work with automation, AI-assisted workflows, and agent-based capabilities that support alert triage, investigation, enrichment, and response.
- Help design, configure, maintain, and troubleshoot log ingestion flows into the SIEM from AWS, applications, infrastructure, endpoint tools, and security platforms.
- Create, tune, and maintain detection rules, alert logic, dashboards, playbooks, and investigation workflows.
- Develop Python scripts and automations for alert enrichment, data processing, reporting, workflow improvement, and security operations support.
- Support cloud security logging, monitoring, IAM reviews, and cloud detection use cases.
- Review, analyze, and correlate security alerts and logs to identify suspicious activity and support investigations.
- Assist with security event investigations, escalation, containment, remediation, and post-incident improvements.
- Help improve SOC processes, playbooks, detection coverage, documentation, and response workflows.
- Partner with security, cloud, IT, and engineering teams to improve visibility, reduce risk, and strengthen security operations.

Qualifications

- 2–3 years of experience in cybersecurity, SOC operations, security engineering, cloud security, detection engineering, or incident response.
- Working knowledge of AWS services, cloud security fundamentals, logging, monitoring, IAM, and basic cloud architecture.
- AWS entry-level certification required at minimum, such as AWS Certified Cloud Practitioner. AWS Solutions Architect – Associate or AWS Security Specialty is a plus.
- Hands-on proficiency with Python for scripting, automation, data processing, security tooling, or workflow development.
- Experience working with SIEM platforms, including log ingestion, parsing, alerting, dashboards, and detection logic.
- Experience building, maintaining, or troubleshooting log flows from applications, infrastructure, AWS services, endpoint tools, or security platforms into a SIEM.
- Strong understanding of SOC workflows, alert triage, investigation, escalation, and incident response processes.
- Ability to help develop, tune, and improve detections based on logs, threat behavior, and operational needs.
- Familiarity with agentic concepts, agentic frameworks, AI-assisted workflows, autonomous or semi-autonomous agents, and practical security operations use cases.

Nice to Have

- Hands-on exposure to LLMs, AI agents, agentic workflows, or AI-assisted security operations.
- Experience with Sigma, SPL, KQL, SQL, YARA, or similar detection/query languages.
- Familiarity with Terraform, CloudFormation, CDK, or similar tools.

Compensation Information

Compensation Range: $100,000-$150,000.

The range represents total compensation, and may include incentive for sales roles, equity or benefits, as applicable. This compensation range represents Cyera’s good faith and reasonable estimate of the range of possible compensation for this role at the time of posting, and Cyera may ultimately pay more or less than the posted range. The final salary for this position will be determined in Cyera’s sole discretion, consistent with applicable law, and based on a variety of factors, including but not limited to the employee’s work experience, skills, and qualifications for the role, as well as the needs of Cyera’s business and other operational considerations. Final compensation will vary based on seniority and relevance of experience, location, and position requirements. This role may be eligible for potential merit increases based on factors such as individual or company performance, time in role, and other discretionary factors.

Benefits

- Ability to work remotely, with office setup reimbursement.
- Competitive salary.
- Unlimited PTO.
- Paid holidays and sick time.
- Health, vision, and dental insurance.
- Life, short and long-term disability insurance.

United States
$100K - $150K / year