Key skills
PythonBashAWSAzureGoogle CloudKubernetesDockerSaaSOWASPPenetration TestingNetwork Security
About this role
Squadmakers is a leading technology staffing and consulting firm based in New York City, specializing in providing top-quality professionals across various industries. They are seeking a Cybersecurity Engineer to ensure the security and resilience of their infrastructure and client solutions by identifying vulnerabilities, performing security assessments, and ensuring compliance with data protection regulations.
Responsibilities:
- Assess and secure ApolloV2's cloud infrastructure and platform environments
- Identify security risks in infrastructure architecture and propose remediation strategies
- Ensure systems are resilient against cyberattacks, unauthorized access, and service disruption
- Perform regular penetration tests on internal systems, cloud environments, and client-facing applications
- Conduct vulnerability assessments and security audits
- Simulate attack scenarios to evaluate system resilience
- Analyze the security of web and API-based applications
- Identify vulnerabilities such as those defined in the OWASP Top 10
- Work with development teams to remediate security issues and improve secure coding practices
- Evaluate system defenses against hacking attempts, intrusion attacks, and exploitation techniques
- Recommend security improvements to increase platform resilience and incident response readiness
- Support the implementation of monitoring and detection mechanisms
- Ensure compliance with GDPR and international data protection regulations
- Verify that ApolloV2 systems and client solutions comply with European and US security and privacy standards
- Conduct security reviews of systems handling sensitive athlete and medical data
- Produce detailed reports from penetration tests and vulnerability analyses
- Maintain documentation on security practices, controls, and remediation processes
- Provide security recommendations to technical and management teams
Requirements:
- Bachelor's degree in Computer Science, Information Technology, or a related field
- Minimum of 3 years of experience in a cybersecurity role
- Strong knowledge of cybersecurity principles, protocols, and technologies
- Experience with network and system security, intrusion detection, and vulnerability management
- Familiarity with industry compliance standards such as HIPAA, PCI, and GDPR
- Certifications such as OSCP, CEH, CISSP, or similar
- Experience performing red team / ethical hacking engagements
- Background in securing SaaS platforms
- Experience working with high-sensitivity data environments
- Penetration testing methodologies
- Vulnerability assessment and risk analysis
- Web application and API security
- Network security fundamentals
- Security architecture and infrastructure hardening
- Experience working with or auditing against GDPR
- Experience working with or auditing against SOC 2
- Experience working with or auditing against ISO 27001
- Experience with penetration testing tools (Burp Suite, Metasploit, Nmap, OWASP ZAP)
- Experience with vulnerability scanners (Nessus, Qualys)
- Experience with network monitoring and logging tools
- Experience with security testing frameworks
- Experience securing environments in AWS, Azure, or Google Cloud
- Scripting or automation in Python, Bash, or similar
- Ability to analyze and understand application codebases and system architecture
- Experience with containerized environments (Docker, Kubernetes) is a plus
- Relevant certifications such as CISSP, CISM, or CEH are a plus