Position Description
Secureside is a cybersecurity and technology company serving private and non-profit organizations of all sizes. Founded on the core principles of protecting, defending, and leading by example, our leadership team is well-respected for being experts guides to our clients. At Secureside, we believe that talented individuals are the key to success. We are always seeking new perspectives and unique skills to join our growing team.
The cybersecurity engineering position requires candidates who wish to find challenges on both sides of cyber – designing secure environments, compromising them, and iterating through the cycle to stay ahead of the curve. The cybersecurity engineer proactively keeps up-to-date with the threats landscape, conducts threat intelligence research, and converts that knowledge into offense and defense. The engineer assists clients with threat detection as part of Secureside’s service offerings and provides guidance on how to technically and strategically harden defenses. The cybersecurity engineer will use a mix of open-source and professional cyber tools to develop a fully-baked cyber arsenal and actively engage in campaigns such as pen tests and red-team exercises. This is an opportunity for a highly-motivated team player to focus heavily developing their own skills while learning from a team of seasoned cyber, IT and risk professionals. Help make a positive impact with Secureside’s clients by protecting them for cyber threats.
- Build and harden labs and production environments in traditional data center, hybrid, and cloud models
- Perform vulnerability assessments, penetration testing, and red-team exercises
- Support and/or lead application security testing
- Stay informed on current events through threat intelligence from OSINT and industry partners to enable threat hunting operations and improve detection capabilities
- Build, customize and implement a suite of cyber tools, including automation and orchestration capabilities where applicable
- Engage with clients to reveal weaknesses in their environments, identify better practices that should be instituted, and educate clients on how to improve their security over time
- Participate in a diverse mix of engagements that span multiple areas of professional competency that allows individuals to grow new skills and become both well-rounded and highly marketable
What is required for consideration?
Most importantly for candidates applying should be work experience, aptitude, work ethic and being truly capable of growing into an advanced role. The following list is not meant to be prescriptive. If a candidate has equivalent skill or experience in lieu of particular items below, we absolutely take that into account.
- 3+ years of cyber security experience with 3+ years of IT or Development experience
- Have performed duties in some the following capacities:
- Analyst, team lead, project lead / coordinator / manager
- Technical engineer or solutions engineer on design and/or implementation side
- Development, coding, DevOps, orchestration, automation
- Network and systems: design or integration
- Database design and management
- Working knowledge of the Cyber Kill Chain, MITRE ATT&CK Framework, CIS Top 20 and OWASP Top 10
- Programming experience in Python, R, Powershell, and/or Bash, or other scripting languages
- Development skills: LAMP – strongly preferred, MEAN – would be a plus
- Familiarity with Azure and AWS
- Well-versed in Microsoft and Linux/Mac operating systems, including the many services that support SMB or enterprise
- Working knowledge of popular IT and Cyber solutions: Endpoint, Network, Email, SIEM, Vulnerability, Cloud
- Major Plus: Tactical security cert such as from Offensive Security or other well-regarded technical security certification
Qualifications
- To perform the job successfully, an individual should demonstrate the following competencies:
- Technical Skills – Demonstrates technical competency, knowledge, and professional care commensurate with completion of assignments, and an eagerness to learn and absorb new technical and industry-specific information.
- Interpersonal – Ability to cultivate strong collaborative working relationships and contacts within work group, across other company functions and with external organizations.
- Oral Communication – Listens and gets clarification; continually asks good questions and incorporates them into foundational knowledge. Demonstrates effective public speaking skills. Capable of leading meetings with business unit executives.
- Team Work – Contributes to building a positive team spirit.
- Written Communication – Writes clearly and informatively; able to read and interpret written information.
- Ethics – Treats people with respect; inspires the trust of others; demonstrated ability to successfully handle sensitive discussions, strong personal ethics commitment and demonstrated good judgment.
- Adaptability – Adapts to changes in the work environment; able to deal with frequent change, delays, or unexpected events.
- Analytic Skills – Ability to obtain, analyze, and evaluate evidentiary data to form an informed and objective opinion on the adequacy and effectiveness of the area being reviewed.
- Project Management – Demonstrates excellent analytical, project management and organizational skills. Able to manage multiple assignments proficiently. Effectively prioritizes tasks and manages time to meet established budget and milestones.
- Dependability – Follows instructions, responds to management direction; takes responsibility for own actions; keeps commitments; commits to long hours of work when necessary to reach goals.
- Professionalism – Reacts well under pressure; treats others with respect and consideration regardless of their status or position; accepts responsibility for own actions; follows through on commitments.
- Quality – Demonstrates accuracy and thoroughness; applies feedback to improve performance.