Information Security Engineer
Information Security Engineer
About the Role:
Kyruus is searching for an information security professional or a candidate with a technical background making a transition into security. This is an exciting opportunity to help build and expand a security program that must be designed to scale and meet regulatory compliance. This opportunity will involve all facets of security including appsec, cloud, DevOps, audit, and Information Technology. The role will be cross-functional in nature requiring the ability to work with all types of teams and levels.
What You’ll Do:
- Implement both technical and administrative security controls across the organization
- Help extend our security architecture and monitoring in our AWS platform
- Identify security gaps in the existing NIST CSF and HIPAA Security Rule frameworks and apply remediation
- Expand vulnerability management platform and processes
- Monitor security alerts within corporate and production platforms
- Assist in security audits and risk assessments
- Work closely with IT, DevOps, and Engineering on security monitoring and reviews
- Help prepare for SOC2 and HITRUST audits
You’ll be successful if you have:
- A Bachelor’s Degree in a technical field such as Engineering or IT
- 3-5 years of relevant experience
- Experience with operational security monitoring tools such as auditd, ossec, or related SIEM
- Experience with vulnerability scanning tools such as Qualys, Rapid7, Tenable, and Veracode
- Firm understanding of AWS infrastructure services such as EC2, IAM, S3, VPC
You’ll be amazing if you are all of the above, plus have:
- Industry certifications such as CISSP, SANS/GIAC, CompTIA, AWS
- Experience working in SOC2, ISO, or HITRUST environments
- Experience with HIPAA Security and Privacy rules
- Understanding of OWASP Top 10 and application security principles
- Familiarity with Agile and DevOps SDLC
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.