Cision is looking for a Security Engineer I to strengthen and optimize our security capabilities by reviewing existing tools, applications, and processes to identify gaps. You'll establish cloud security best practices, integrate security platforms, and collaborate with R&D teams to maintain a secure architecture and analyze security events.
What You'll Do
- Design, implement, and manage security solutions that protect internal, third-party systems, and customer data.
- Review existing tools, applications, and processes to identify gaps.
- Establish and maintain cloud security architecture best practices, focusing on cloud platforms.
- Integrate new and existing security platforms.
- Collaborate with R&D teams to maintain a secure architecture.
- Analyze security events for anomalous activity.
- Ensure security practices are aligned with compliance requirements while driving technical solutions for secure systems and data protection.
- Design, implement, and maintain security architectures across cloud, third-party, and on-premises environments.
- Embed security within CI/CD pipelines, establish security standards, and conduct secure code reviews.
- Manage encryption technologies for securing data at rest and in transit, including cryptographic keys.
- Design and manage secure identity solutions, including SSO, Identity Providers (IdPs), and federation protocols.
- Develop secure coding practices, train teams, and develop standards to prevent vulnerabilities.
- Align technical controls with regulatory and audit requirements using GRC frameworks.
- Perform risk assessments, threat modeling, vulnerability assessments, and mitigation planning.
- Participate in incident response strategies, SOC collaboration, and implement continuous monitoring tools.
- Work with cross-functional teams, mentor junior engineers, and act as a subject matter expert.
What We're Looking For
- Deep understanding of security standards and frameworks such as NIST, ISO 27001, CIS Controls, and industry compliance regulations (GDPR, HIPAA, PCI-DSS).
- Hands-on experience with security tools such as IDS/IPS, SIEM, vulnerability scanners, and penetration testing platforms.
- Experience with cloud platforms (AWS, Azure, GCP, OCI or Alibaba) and securing cloud-native applications.
- Proficiency in programming languages (e.g., Python, Java, C++) and automation tools (e.g., Terraform, Ansible).
- Strong knowledge of networking protocols, firewalls, VPNs, proxies, and security monitoring tools.
- 5+ years of relevant experience in security engineering and GRC-focused security solutions development.
- Extensive hands-on experience in DevSecOps, integrating security in CI/CD pipelines, and supporting development teams in secure coding practices.
- Proven expertise in cryptography, including encryption, key management, and digital signatures.
Nice to Have
- Familiarity with Okta and Keycloak.
Technical Stack
- Security Tools: IDS/IPS, SIEM, Vulnerability scanners, Penetration testing platforms
- Cloud Platforms: AWS, Azure, GCP, OCI, Alibaba
- Languages: Python, Java, C++
- Automation: Terraform, Ansible
- Identity: Okta, Keycloak
Team & Environment
You'll work across multiple departments and collaborate closely with R&D teams.
Work Mode
This is a global position based in Hungary.
Cision is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other protected statuses.
