Senior Security Engineer
Location
United States
Posted
5 days ago
Salary
0
Seniority
Senior
Job Description
Senior Security Engineer
Constellis
Role Description The Sr. Security Engineer is responsible for testing physical, logical, and electronic protection of data, including: - Cloud - Corporate - Web application - Access control - Intrusion detection/prevention - Virus protection Additionally, the role involves: - Digital Forensics - Software Development - Vulnerability Research - Reverse Engineering - Software/Hardware Engineering - Operational Consultancy (e.g., Red Teaming/Hunt, Mission Evaluation) - Performing incident response - Working in the global security operations center - Identifying current and emerging cyber events - Developing countermeasures with known and/or discovered indicators Qualifications - Bachelor's degree preferred. Three additional years of related experience beyond the minimum may be substituted in lieu of a degree. - Three years of IT engineering experience - 5+ years of cybersecurity incident response participation (Preferred) - Certified Information Systems Security Professional (CISSP) certification (Preferred) - Knowledge of operating systems internals and endpoint security experience - General knowledge of APT campaigns, Tools, Techniques, & Procedures (TTP), malware attack vectors, memory injection techniques, and malware persistence mechanisms - Ability to obtain at least a Top Secret clearance Requirements - Resolve incidents and problem tickets, escalated to the Incident Response Team, issued against supported devices within published SLAs - Identify opportunities for process improvement and automation of repetitive tasks leveraging a SOAR platform - Operate security operations technology (SIEM/EDR) and provide ongoing system support and advice to other users of this technology - Devise and implement approaches to monitor applications and data flows via effective information dashboards for operational metrics, end-to-end system data processing, incident management, change control, and compliance - Use monitoring data in combination with other sources to analyze the risk of a successful attack - Proactively recommend new tools, techniques, and procedures to enhance SOC performance and quickly learn new tools as they are introduced - Actively search all areas of the internal network for hidden threats and vulnerabilities - Assist in the development and documentation of policies and processes - Support audits and compliance efforts - Participate in red/blue/purple team exercises as needed to analyze threat scenarios and assess internal defenses. Document results - Engage positively across multiple teams to establish clarity, vision, and mutual trust in order to achieve business goals - Adhere to industry-specific local, state, and federal regulations, as applicable - Other duties as assigned Benefits - Constellis offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflect its commitment to creating a diverse and supportive workplace.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Manage, monitor, and maintain network security infrastructure with a focus on Fortinet solutions (FortiGate, FortiManager, FortiAnalyzer, FortiSwitch/FortiAP as applicable) • Perform day-to-day security operations: firewall policy management, VPN configuration and troubleshooting, traffic analysis, and incident response support • Design, implement, and maintain routing, switching, and network segmentation configurations in coordination with the client's network team • Monitor security events and logs, triage alerts, and escalate/respond to incidents per client protocols • Conduct firewall rule audits, policy optimization, and security posture reviews • Support patching, firmware upgrades, and change management processes for Fortinet devices • Troubleshoot complex network and security issues across LAN/WAN, VPN, and perimeter security layers • Document configurations, standard operating procedures, and incident reports • Collaborate with client stakeholders remotely, ensuring clear communication and timely delivery within the project's operational hours
Role Description The Cloud Security Engineer provides support for the implementation, troubleshooting, and maintenance of information security infrastructure and any process related to these systems in a Security Operations / IT Infrastructure environment. They will have a detailed understanding of cloud platforms, such as Microsoft Office 365 and Azure, on-premises infrastructure for policy maintenance, software/hardware security implementation and best practices, as well as scripting and relevant development skills to leverage automation and create custom connectors and analytics rules in a Microsoft Sentinel Environment. A successful candidate will also be well versed in security threats, exploits, and vulnerabilities which impact systems, networks, and assets and will utilize their abilities and experience to protect client environments. Thorough experience with Security Hardening across multiple products (Azure, O365, Active Directory), Endpoint Detection and Response technologies and understanding the implementation and support for those technologies is imperative to the success in this role. Essential Responsibilities (include but are not limited to): - Architect, establish and maintain best practices of implementation for our products/services. - Configure, implement, and support all production security tools and technologies. - Maintain excellent documentation (SOPs) for all security tooling implementation, support, troubleshooting, etc. - Troubleshoot issues with security toolsets within client environments. - Execute projects related to client onboarding – portal configuration, agent deployment, best practices configuration, systems auditing. - Actively work with other team members on security events that require urgent response, containment and remediation. - Provide ongoing recommendations on toolset tuning and best practices. - Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach. - Triage incoming support tickets and requests related to security tools managed by CyberSheath. - Take part in daily shift changeover meetings at the beginning and end of shifts. - Provide support for cloud-based SIEM, EDR, and Anti-Spam/Phishing products. - Provide support for additional security tools such as, but not limited to: SOAR, MFA, Encryption, and Vulnerability Management platforms. - Assist with triage of alerts as necessary. Qualifications - Minimum of 5 years’ experience with successful implementation of security products, security best practices, security device policies for small and large enterprises. - Minimum of 3 years' experience in Security Administration, and a deep understanding of how security interfaces/impacts with other IT teams/business objectives. - Deep understanding of Office 365 / Azure AD security tooling, policies and implementation, Azure AD / O365 reporting. - Networking understanding / working experience (TCP/IP, Routing, VPN). - Must be a U.S. Citizen and reside within the United States or its Territories. - Exceptional analytical and problem-solving skills. - Excellent communication skills to communicate with support personnel, customers, and managers. - Ability to work independently, remotely, and as part of a team. Requirements - Thorough working experience with the following products/technologies: KnowBe4, CrowdStrike, SAML/SSO, Okta, Intune, Cisco Umbrella, Rapid7, Defender for Endpoint, Defender for Office 365, Abnormal Security, Avanan. - Understanding of CIS (Center for Internet Security) benchmarks and implementation. - Working experience with DLP technologies/software (Office 365 native or third-party) is a plus. - Experience with Business Intelligence software for reporting (Power BI, BrightGauge, etc.). - Software development, coding, and/or advanced scripting experience is a plus. - Working expertise with Microsoft Sentinel, Google Chronicle, or Splunk. - Certifications related to Microsoft Azure and Microsoft Security products. Work Environment - Remote. - Please note that this role will be part of our SOC on-call rotation. Budgeted Pay Range $85,000 — $100,000 USD
Role Description We are looking for a hands-on Security Lead with strong technical depth to define, operationalize, and scale Apheris’ security capabilities. You will own cloud and application security, incident response, IT and corporate security, and security tooling across our environment. You will collaborate closely with engineering, product, and leadership, ensuring that security is embedded throughout our systems, operations, and development processes. You will maintain and evolve the unified security control framework, build scalable security processes, and lead efforts to detect, respond to, and remediate threats. Your focus is on anticipating risks, enabling teams, and ensuring that security is a natural part of day-to-day work. If you thrive at the intersection of technical depth, operational excellence, and cross-functional collaboration, while also influencing architecture, processes, and culture, this role is for you. What you will do - Own cloud and application security, including AWS security architecture, IAM, network security, and secure configuration management. - Drive and continually improve application security practices, including secure coding guidance, threat modeling support, and automated security testing in the SDLC. - Lead the incident response program, including playbook development, on-call readiness, threat detection, and response coordination. - Manage vulnerability management processes, ensuring risks are identified, triaged, and remediated effectively with engineering teams. - Maintain and evolve security tooling, including monitoring, logging, SIEM/alerting, and secrets management. - Collaborate with engineering and platform teams to embed security considerations into design and architectural decisions. - Contribute to the unified control framework, ensuring strong security foundations for ISO 27001 and SOC 2. - Own corporate and IT security, including endpoint management (e.g., MDM), identity and access management, and oversight of the external IT provider. - Lead security reviews by our customers, acting as a confident, trusted partner to enterprise clients throughout their evaluation process. - Stay ahead of emerging threats, technologies, and best practices to continuously uplift Apheris’ security posture. Qualifications - A degree in computer science, engineering, or equivalent hands-on experience in technical roles. - 5+ years of experience in security engineering, cloud security, application security, or similar technical security roles. - Hands-on expertise with AWS security architecture, identity and access management, network security, and modern DevOps practices. - Experience implementing or supporting secure development lifecycle (SDLC) practices, collaborating closely with engineering. - Strong understanding of modern authentication, authorization, secrets management, and infrastructure-as-code security. - Demonstrated experience handling security incidents, vulnerability management, or threat detection. - Demonstrated experience with large-enterprise security and compliance expectations, including how major corporates conduct security reviews and vendor due-diligence processes. - Experience maintaining compliance programs such as ISO 27001 or SOC 2. - Ability to build strong relationships across engineering and influence secure design decisions. - A pragmatic, solution-oriented mindset that balances security, usability, and speed. - Experience mentoring team members and helping them grow their security skills. Nice to have - Experience acting as a Data Protection Officer or supporting regulation like GDPR. - Experience leading and developing teams, with the ability to mentor others and scale a security function in a fast-growing environment. - Understanding of pharma deployment environments and integrations with common R&D platforms (e.g., Schrödinger Live Design, Benchling). - Experience working in B2B SaaS environments, particularly with AI-powered or data-intensive products, and an understanding of the security considerations that come with them. - Experience working directly with external partners, customers, and users in fast-moving, high-stakes projects. What we offer you - Industry-competitive compensation, including early-stage virtual share options. - Remote-first working – work where you work best. - Wellbeing budget, mental health support, work-from-home budget, co-working stipend, and learning budget. - Generous holiday allowance. - Office Days at our Berlin HQ or a different European location (3x per year). - A high-caliber, execution-focused team with experience from leading organizations.
Game Security Team Lead
CoinPokerWhere Poker Meets Blockchain - CoinPoker, the Future of Online Gaming!
• Lead or supervise investigations involving: Multi-accounting, Account sharing, Identity abuse, Payment fraud, Bonus abuse, Bot activity, Automated gameplay, Exploitation of game mechanics, Match manipulation, Collusion between users, Coordinated abuse networks, Suspicious behavioural patterns, Abuse of promotions or platform features. • Conduct investigations using multiple data sources, behavioural analysis, transaction history, gameplay telemetry, device intelligence, and internal tooling. • Identify emerging fraud trends and new abuse methodologies. Recommend new detection rules and monitoring strategies. • Collaborate with data science and engineering teams to improve automated detection capabilities. • Provide operational feedback that improves platform integrity and customer experience. • Produce regular reporting covering: Investigation volumes, Fraud trends, Operational KPIs, Detection performance, Emerging threats, Quality assurance findings, Team productivity, Risk exposure.



