Remote Security Engineer

Job Description

US CITIZENS ONLY**

Remote Security Engineer (Python, Bash, AWS)

Location: Remote (must be EST)

Position:

• Staff Information Security Engineer to enhance cybersecurity capabilities.
• This role requires a deep understanding of the intelligence cycle, security investigation autonomy, and advanced knowledge in security frameworks and technology solutions.
• The ideal candidate will have extensive experience in security engineering, including extensive hands-on builder/maintainer experience with cloud environments and programming.

Responsibilities

• Intelligence and Investigations: Utilize the intelligence cycle effectively; independently conduct detailed security investigations.
• Risk Management: Analyze and reframe risks, effectively utilizing a 5x5 risk matrix.
• Vulnerability Management: Apply frameworks such as CVSS and EPSS for vulnerability assessment and classification.
• Security Architecture: Implement and manage defense-in-depth strategies; respond to incidents efficiently.
• Briefing and Reporting: Prepare and deliver concise security briefings on complex concepts to various stakeholders.
• SDLC and Security Integration: Demonstrate a thorough understanding of the SDLC and integrate security practices effectively throughout.
• System Design and Analysis: Describe and utilize various system design patterns and technology families including LAMP Stack, ETL Pipelines, MDMs, Microservices, and CICD Pipelines.
• Threat Modeling and Analysis: Conduct robust threat modeling for various systems.
• Technique Understanding: Have a keen understanding of common TTPs used by threat actors and the defenses against them.
• Scripting and Automation: Develop scripts in Python to support system integrations and analysis.
• Cloud Technology: Build and manage basic components in cloud environments.
• Data Analysis: Conduct moderate data analysis using preferred tools to drive decision making.
• Security Operations: Understand and develop the technological, administrative, and procedural aspects of security operations.
• Training and Mentoring: Mentor and provide guidance to team members across all seniority levels.
• Security Standards Development: Lead in the development and implementation of technical security requirements and standards.
• Security Reviews: Perform thorough security reviews on products and services, ensuring secure design principles.

Qualifications

• Proficient in scripting languages such as Python, Bash.
• Experience with security tools and services within AWS.
• Familiarity with security and compliance frameworks and standards.
• Familiarity with intelligence or cyber threat intelligence and how this drives security operations and engineering.
• Familiarity with SIEM, EDR, Firewalls.
• Familiarity with a rapidly maturing environment.

Company Description

• Founded in 1940, Yoh operates from 75 locations throughout North America and is headquartered in Philadelphia, PA.
• Yoh was the nation’s first technology staffing firm.
• As a business unit of Day & Zimmermann, Yoh has a flourishing global footprint, as our parent company operates from more than 150 worldwide locations.

Company Website:

• https://www.yoh.com/