Istari Digital is a digital engineering software company focused on creating scalable digital engineering ecosystems. They are seeking a highly experienced Cybersecurity Engineer to design, implement, and operate security architecture and controls for their cloud-native products and platform, ensuring secure innovation in a fast-paced environment.
Responsibilities:
- Lead security design and threat modeling for new and existing systems (cloud, application, data, network)
- Implement and manage core controls: IAM/SSO, least privilege, network segmentation, encryption and key management, secrets management, endpoint and email security
- Build and operate detection and response capabilities: SIEM/EDR/SOAR, log pipelines, alert tuning, use-case development, threat hunting
- Own vulnerability remediation: scanning, triage, risk-based prioritization, remediation with product/IT teams, tracking to closure
- Strengthen application and cloud security: SAST/DAST/SCA, secure SDLC, CI/CD guardrails, IaC scanning, container/Kubernetes runtime protections, CSPM/CIEM
- Coordinate and support security testing: internal reviews, penetration tests, red/purple team, tabletop exercises; drive remediation and lessons learned
- Lead/participate in incident response: triage, containment, eradication, recovery, forensics, root-cause analysis, post-incident reports and runbooks
- Define and maintain security standards, baselines, hardening guides, and architecture diagrams
- Monitor and report security metrics, KPIs/KRIs, and risk posture to stakeholders
- Support audits and compliance efforts (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA) and align controls to frameworks (NIST CSF, CIS Controls)
- Conduct third‑party/vendor security reviews and support contract/security requirements
- Drive security awareness initiatives and phishing simulations; mentor engineers on secure practices
- Contribute to business continuity and disaster recovery planning and testing
- Automate repetitive tasks and integrations to improve scale and reliability
Requirements:
- Bachelor's in Computer Science, Engineering, Information Security, or equivalent practical experience
- 3+ years of hands-on cybersecurity engineering, blue team, or security operations experience
- Strong understanding of networks and protocols (TCP/IP, DNS, HTTP(S)/TLS, routing, VPN, firewalls, Zero Trust concepts)
- Practical experience with two or more: SIEM, EDR, IDS/IPS, WAF, CSPM/CIEM, vulnerability scanners, SAST/DAST/SCA, PAM/IGA, PKI
- Cloud security experience in at least one major cloud (AWS/Azure/GCP): IAM, network security, KMS, logging/monitoring, security services
- Proficiency in scripting/automation (e.g., Python, Bash, PowerShell) and exposure to IaC/Config management (Terraform, CloudFormation, Ansible)
- OS administration and hardening (Windows, Linux, macOS) and endpoint security fundamentals
- Familiarity with MITRE ATT&CK, common attack techniques, and modern detection strategies
- Experience participating in incident response and writing runbook-level documentation
- Knowledge of cryptography basics (encryption at rest/in transit, key rotation, cert management)
- Clear communication skills and ability to partner with cross‑functional teams
- Must be a US citizen living within the United States
- Must have approved Commercial Personnel Certification in alignment with DoD Cyberspace Workforce Framework (DCWF):
  - CompTIA Network+, CND, etc., or
  - A qualifying Academic Degree/Education Certificate
- Understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC
- DevSecOps experience embedding security into CI/CD, artifact signing, and SDLC governance
- Container/Kubernetes security (admission controls, runtime policies, image scanning)
- Data protection and privacy controls (DLP, tokenization, data classification)
- Identity security (SSO/MFA, conditional access, PAM, IGA) and Zero Trust architectures
- Threat intelligence integration and use-case development; basic digital forensics
- SOAR playbook design and automation; custom detections and log enrichment
- Experience with regulatory environments (e.g., healthcare, fintech, government)
- Contributions to security architecture reviews and risk assessments at scale
- Certifications a plus: Security+, GSEC, GCIH, GCIA, GCED, CISSP, CCSP, CCSK, OSCP, AZ‑500, SC‑100, AWS Security Specialty
- Experience with tools such as Splunk/Microsoft Sentinel, CrowdStrike/Defender, Qualys/Nessus, Burp/ZAP, Prisma/Aqua/Twistlock, Trivy, Checkov/tfsec, Vault/KMS, Okta/Azure AD, Palo Alto/Fortinet, Elastic
- Active TS Security Clearance