Lead proactive cyber threat hunting, vulnerability analysis, and detection engineering efforts across enterprise and cloud environments.
Perform and support penetration testing activities, including coordination with internal teams and third-party vendors, validation of findings, and translation of results into actionable remediation and detection improvements.
Analyze vulnerability scan results, pen test reports, and threat intelligence to prioritize risk and drive remediation based on exploitability and business impact.
Develop and maintain security detections, analytics, and use cases aligned to the MITRE ATT&CK framework, informed by real-world attack techniques and testing outcomes.
Monitor and analyze endpoint, network, and cloud security telemetry to establish baselines, identify anomalous behavior, and detect adversary techniques.
Partner with infrastructure, cloud, and application teams to remediate vulnerabilities, validate fixes, and embed secure-by-design practices into systems and CI/CD pipelines.
Participate in incident response activities, including root cause analysis, post-incident reviews, and improvements to controls, detections, and testing strategies.
Requirements
Bachelor’s degree in IT Security, Computer Science, Engineering, or a related field, or equivalent relevant experience.
5 years of information security experience, including hands-on work in vulnerability management, penetration testing support, threat hunting, or security operations.
Experience interpreting vulnerability scan results and penetration testing findings, and communicating risk and remediation guidance to technical and non-technical stakeholders.
Hands-on experience creating and maintaining SIEM detection content and security rules to identify malicious, suspicious, or abnormal activity.
Experience using the MITRE ATT&CK framework to guide threat hunting, detection engineering, or adversary emulation efforts.
Strong working knowledge of AWS services, cloud security engineering principles, and infrastructure as code.
Scripting and automation experience using tools such as Python, Bash, or PowerShell.
10 years of information security experience (bonus).
Direct experience conducting penetration tests, red team or purple team exercises, or adversary emulation (bonus).
Experience preparing System Security Plans, supporting cybersecurity testing, or translating pen test and vulnerability results into executive-level risk summaries (bonus).
Relevant security certifications such as CISSP, GIAC, OSCP, CEH, CCSP, AWS, or similar (bonus).
Tech Stack
AWS
Cloud
Cyber Security
Python
Benefits
eligible for bonuses
medical, dental, vision, telehealth and mental healthcare
health savings account and flexible spending account
basic and voluntary life insurance
disability coverage
accident, critical illness and hospital indemnity supplemental coverages
legal and identity theft coverage
retirement savings plan
wellbeing program
discounted WGU tuition
flexible paid time off for rest and relaxation with no need for accrual
flexible paid sick time with no need for accrual
11 paid holidays
other paid leaves, including up to 12 weeks of parental leave