Cyber Security Engineer

Remote- United States

Lumin Digital

View company page

Serving as both a security professional for our corporate and our public cloud environments that host our financial services platforms, at Lumin Digital, a Cyber Security Engineer is responsible for:
1. Monitoring and evaluating threats to a cloud-hosted digital banking solution
2. Assessing applications, networks, and systems to identify vulnerabilities
3. Designing, implementing, supporting, and monitoring technical controls to protect people and sensitive data
4. Following industry standard practices to prepare for, identify, contain, eradicate, and recover from security incidents
5. Supporting risk management, compliance, and audit functions to measure and continuously improve the information assurance of environments

-Develop and improve monitoring, reporting, and alerting capabilities that allow for the security team to identify, prioritize, and address threats by using research, security tools, scripting, database queries, data manipulation, and reporting writing technical skills.
- Develop and maintain threat models to inform and prioritize the risk management activities of the security team. Use and maintain vulnerability scanning and penetration testing tools to quickly identify weaknesses across multiple environments and systems at scale.
- Collaborate with clients, auditors, vendors, and the internal security team to develop thorough assessment testing strategies and validate the security posture of multiple layers of environments, from low-level physical to high-level application layers.
- Investigate reported vulnerabilities and risks to qualify and confirm findings and follow established procedures to directly resolve or to assign remediation actions to other functional areas.
- Develop strategies, scripts, configurations, or other manual procedures to reduce security risks across cloud services, servers, network devices, and end-user endpoints.
- Design, deploy, and operate security solutions, including firewalls, intrusion detection, DLP tools, CASB’s, and AV/EDR systems, to design, deploy, and maintain configurations and policies that reduce security risks in automated virtual and containerized environments.
- Participate in or lead formalized security incident response procedures as part of a team, including all phases of the incident handling lifecycle, from preparation through lessons learned.
- Collect evidence of security program activities to satisfy client due diligence requests as well as support internal and external audit activities.

- Five (5) years of experience in a relevant technology domain, including security engineering, software engineering, information technology, systems administration, technical fieldwork, or information assurance required.
- Three (3) years of demonstrated experience in designing and implementing controls to manage security risks in a full-time capacity in a containerized, cloud environment as a security engineer, DevSecOps team member, or similar role required.
- Experience with AWS, Linux, Kubernetes, Git, and scripting in Bash and Python required.
- In-depth technical knowledge of cybersecurity tools, techniques, and procedures to identify and analyze threats and devise and monitor technology safeguards to protect sensitive assets.
- Design skills and ability to implement security controls at the operating system, containerization, orchestration, and network levels, including with SELinux, auditd, sshd, iptables, syslog variants, Snort/Suricata, and Zeek.
- Calm and serious attitude, technical aptitude, appropriate sense of urgency, and communication skills to effectively coordinate with internal team members to remediate vulnerabilities and reduce security risks.
- Must be able to pass requisite background checks to access sensitive information.
- Must have strong client orientation and demonstrate professional demeanor that earns the trust and respect of individuals inside and outside Lumin Digital.
- Ability to prioritize tasks, exercise sound judgment and confidentiality with sensitive information
- Good communication, interpersonal, and presentation skills
- Ability to work remotely while maintaining a high level of productivity and effectiveness with limited supervision
- Strong drive to fully understand threats and weaknesses, to continuously improve our posture, and to professionally develop in this quickly-changing career

Bachelor’s Degree in Computer Science, Management Information Systems, Information Assurance, Information Security, Cybersecurity, or related field; or equivalent self-study in cybersecurity with demonstrated command of key concepts and technologies and proficiency in digital forensics, incident response, secure application development, penetration testing, or other technical security risk management domains required.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: AWS Banking Bash Cloud Compliance Computer Science DevSecOps EDR Firewalls Forensics Incident response Intrusion detection IPtables Kubernetes Linux Monitoring Pentesting Python Risk management Scripting Snort Vulnerabilities

Perks/benefits: Career development

Regions: Remote/Anywhere North America
Country: United States
Job stats:  18  4  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.