BlackCloak is hiring a Security Engineer (Security Operations, Zero Trust)

Responsibilities

• Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others.
• Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team.
• Assist in development of new threat detections, playbooks, and automated response/remediation
• Support triage and response of security alerts, as an escalation point from the broader team.
• Participate in supporting security on-call rotation
• Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles
• Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, Crowdstrike, as well as secure hardening standards into MDM
• Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as; Google IDP, Okta, Auth0, Zitadel
• Mature Zero Trust alerts and controls across risk-based alerting, posture checks
• Incorporation of Zero Trust principles into new programs and architecture designs
• Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools.
• Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training.
• Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture.
• Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings.
• Partner with Engineering, DevOps, to secure GCP, AWS environments
• Leverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts.
• Support development and implement secure infrastructure baselines, vulnerability management processes, secrets managements, IAM, and hardening standards within the cloud environment.
• Incorporation of shift-left security tests and controls, into CI/CD pipelines
• Help expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats.

Requirements

• 3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment
• Deep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAAP, Email Security, and SOAR tools.
• Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions.
• Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions.
• Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable.
• Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams.
• Ability to drive new projects, self-starter, with minimal supervision
• A proactive, "builder" mindset with a passion for improving processes, reducing risk.

Nice to Have

• Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform).
• Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF
• Familiarity with common application development languages such as Java or JavaScript
• Understanding of system and architecture design principles, from code to cloud
• Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA).

Benefits

• Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.
• Health Savings Account with company contribution for eligible medical plans.
• Flexible Vacation Plan
• 10 Paid Company Holidays
• 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance
• 401k with Traditional and Roth options, including employer match.
• Company Equity
• Paid Parental and Pregnancy Recovery Leave
• Company and team off-sites and virtual events throughout the year
• Home office stipend