• Plan, design, and execute red (and purple) team engagements to simulate advanced adversarial tactics and techniques • Perform in-depth penetration tests on web applications, endpoint agents, internal systems, and our people • Utilize a mix of traditional scripting and generative AI platforms to rapidly prototype tools, replicate sophisticated cyber threats, and automate repetitive workflows during live engagements • Conduct social engineering campaigns to evaluate human vulnerabilities • Collaborate closely with the Security Operations Center and CSIRT teams to enhance detection and response capabilities • Stay informed on emerging threats and update red teaming methodologies • Partner with Product Security to prioritize testing efforts for new releases • Analyze and exploit vulnerabilities through detailed operational logging, leveraging strong documentation and communication skills to translate complex technical findings into actionable remediation guidance that directly hardens the organization's security • Develop and deliver detailed technical and executive-level reports post-engagement • Integrate red team tools, techniques, and processes into a broader security strategy • Lead or participate in after-action reviews to identify lessons learned • Assist in designing and implementing security controls based on red team findings

• Atuar na operação diária de SOC (N1 e/ou N2) • Monitorar, analisar e investigar ofensas no IBM QRadar • Realizar triagem e validação de alertas de segurança • Reduzir falsos positivos através de análise criteriosa de eventos e logs • Conduzir investigações de incidentes de segurança • Apoiar na contenção e tratativa inicial de incidentes • Documentar incidentes e evidências de forma clara e estruturada • Apoiar na melhoria contínua da maturidade de monitoramento

• Work closely with development teams to promote secure development practices (Secure Coding). • Support the implementation and evolution of Application Security (AppSec) and DevSecOps initiatives. • Perform security assessments of web applications, APIs, and integrations. • Identify vulnerabilities and assist teams in remediation and risk mitigation. • Participate in security-focused code reviews. • Work with security tools such as SAST, DAST, SCA and vulnerability scanners. • Support the construction of secure pipelines in CI/CD environments. • Help define standards, policies and security best practices for applications. • Participate in initiatives related to security applied to Artificial Intelligence (AI), including data protection, ensuring safe model usage and risk analysis for AI-enabled applications. • Support risk assessments related to the use of generative AI and intelligent automations within the corporate environment. • Collaborate with Engineering, Architecture, Cloud and Information Security teams to strengthen solution security. • Promote security and safe-AI awareness for technical and product teams. • Monitor trends, threats and best practices related to AppSec, DevSecOps and AI security.

Title: IT Cyber Security Engineer Location: Akron United States Job Description: Job#: 3035357 Job Description: POSTION: IT Cyber Security Analyst LOCATION: 100% (Must reside near Akron, OH) DIRECT HIRE - We are unable to sponsor Visa at this time* Apex Systems is seeking a highly qualified IT Cyber Security Analyst for a full-time position location in Akron, OH. performed 100% remote with infrequent multi-day trips to the Akron, Ohio area as needed (a few times per year). The Cyber Security Analyst works across all divisions and business units to protect the cyber assets. We seek a knowledgeable individual well-versed in current cyber security and information security strategies with skills to effectively apply such strategies to a large, dynamic, heterogeneous landscape. Job Requirements: - 5+ years of experience in a real cyber security role doing practical cyber security at a midsized or large organization. - Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners outside the cybersecurity program in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. - Familiarity with common cyber security related tools such as vulnerability scanners (Tenable preferred), ServiceNow IRM and GRC, Microsoft Power Automate, Microsoft Power BI, and other similar toolchains. - Strong decision-making, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one - Able to participate in an on-call rotation (cycling daily; on-call once every ~4-6 days) responding to out-of-hours calls and alerts in support of security response. Job Duties: - Act as a subject matter expert (SME) between cybersecurity and the business units in the development of appropriate policies, standards, and frameworks - Continuously monitor trends to anticipate and plan for future impact of cyber risk on a specific business unit (BU) or function - Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization - Educate stakeholders on cybersecurity-related matters to increase awareness and improve culture - Performs focused information risk assessments of existing or new services and technologies, along with business counterparts. - Identifies and facilitates implementation of appropriate controls to effectively manage cyber and information risks as needed. - Understand software and system vulnerability processes, manage vulnerability patches through a process lifecycle, and perform vulnerability assessments on systems and services Additional Skill Desired: - An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization. - An ability to effectively influence others by informing their opinions, plans or behaviors. - Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner Education: - Bachelor's Degree in Computer Science, Information Security, or similar discipline is preferred. A bachelor's degree in another field with relevant industry experience in cyber/information security will be considered. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178. Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details. Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide. Employee Type: FullTime Location: Akron, OH, US Job Type: Pay Range: $89,000 - $115,000 Similar Jobs - Cyber Security Engineer - Cyber Security Specialist - Cyber Security Analyst - Cyber Security SME - Cyber Security / Qualys Engineer