Sr. Cybersecurity Engineer

Job Description

Sr Cybersecurity Engineer will be responsible for the planning design, deployment, and maintenance of apiphani’s cybersecurity posture and controls to protect information assets. In addition, the Sr Cybersecurity Engineer will provide advisory services to apiphani clients in a consulting and advisory capacity.

Job Duties

• Develop, deploy, and manage an information security program for apiphani
• Develop and maintain information security policies, standards, procedures, and risk management plans
• Work with other leaders at apiphani to ensure compliance with industry standards, and best practices, including SOC 2
• Implement and manage security solutions, such as firewalls, intrusion detection/prevention systems, endpoint protection, encryption, and other related technologies
• Oversee penetration tests and other risk and vulnerability assessments to identify potential threats and security exposures, and develop appropriate countermeasures and controls
• Maintain security incident response plans, monitor security incidents, and conduct incident response
• Maintain security awareness and training programs to educate employees on security policies and procedures
• Mentor Security Analyst and provide day to day tasking
• Stay up to date with the latest developments in information security, risk management, and compliance
• Review client’s current security program and assist with maturity
• Identify gaps in client’s current solutions and practices and build a corresponding roadmap that can be communicated to key stakeholders within the organization
• Advise on the direction and priorities of client’s IT projects and initiatives as they relate to cybersecurity
• Host or participate in client’s infrastructure or security team meetings
• Advise on vendor specific partnerships and solutions available for apiphani and clients
• Advise in security risk assessments and help clients determine business risk
• Meet with internal and external customers to develop relationships and foster co-innovation opportunities

Required Skills

• Bachelor of Science in Computer Science, Engineering, Applied Sciences, or equivalent work experience
• 5+ years of experience in relevant hands-on security engineering and administration in servers, networking, DevOps, cloud, or operating systems.
• At least one of the following certifications, or the ability to obtain within six months of being hired: CISSP, CRISC, SANS GIAC
• Professional working knowledge of information security standards and guidelines such ISO 27001, NIST 800-53, NIST 800-171, NIST CSF, CIS, PCI DSS, and SOC
• Strong infrastructure engineering fundamentals (AWS or Azure, networking, storage, systems)
• Experience working at an MSP or SI a plus
• AWS or Azure cloud native security services usage on commercial or government cloud a plus
• Service management and governance experience with ITIL a plus
• Experience with one or more ticketing systems (ServiceNow preferred)
• Great communicator who can write and present effectively
• Is able to effectively prioritize competing priorities and manage multiple workstreams
• Either has or is willing to obtain clearance
• Strong analytical and critical thinking skills, and thrives in a team environment
• Self-organized, deadline and detail-oriented
• Strong leadership capabilities and ownership bias