What you will doSecurity Operations & Incident Response (Primary)Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others.Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team.Assist in development of new threat detections, playbooks, and automated response/remediationSupport triage and response of security alerts, as an escalation point from the broader team.Participate in supporting security on-call rotationZero Trust & Network Security (Secondary)Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principlesCollaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, Crowdstrike, as well as secure hardening standards into MDMSupport design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as; Google IDP, Okta, Auth0, ZitadelMature Zero Trust alerts and controls across risk-based alerting, posture checksIncorporation of Zero Trust principles into new programs and architecture designsApplication Security (Support)Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools.Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training.Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture.Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings.Cloud & Infrastructure Security (Support)Partner with Engineering, DevOps, to secure GCP, AWS environmentsLeverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts.Support development and implement secure infrastructure baselines, vulnerability management processes, secrets managements, IAM, and hardening standards within the cloud environment.Incorporation of shift-left security tests and controls, into CI/CD pipelinesHelp expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats.What You Need to be Successful3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environmentDeep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAAP, Email Security, and SOAR tools.Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions.Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions.Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable.Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams.Ability to drive new projects, self-starter, with minimal supervisionA proactive, "builder" mindset with a passion for improving processes, reducing risk.Nice to haveFamiliarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform).Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSFFamiliarity with common application development languages such as Java or JavaScriptUnderstanding of system and architecture design principles, from code to cloudRelevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA).Salary range$100,000 - $140,000 a yearFinal offer amounts are determined by multiple factors, including but not limited to geographic location as well as candidate experience and expertise, and may vary from the amounts listed above.About BlackCloakBlackCloak is an extremely fast-growing company in an entirely new product category. We have amazing product fit validated by industry awards and an impressive client base of Fortune 500 companies across all industries. BlackCloak offers a competitive salary, exceptional benefits, and a dynamic work environment. Below is a quick summary of BlackCloak’s generous benefits package for full-time employees includes:100% Remote Company, within the USAComprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.Health Savings Account with company contribution for eligible medical plans.Flexible Vacation Plan10 Paid Company Holidays100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance401k with Traditional and Roth options, including employer match.Company EquityPaid Parental and Pregnancy Recovery LeaveCompany and team off-sites and virtual events throughout the yearHome office stipendWe are an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristic.Learn More about UsWebsite:
https://blackcloak.ioLinkedIn: /blackcloakTwitter: @BlackCloakCyberWhite Paper:
https://bc.blackcloak.io/quantifying-the-business-need-for-digital-executive-protection-report-download#liremote
