Apply on Employer Site

Dscout · 23 hours ago

Cybersecurity Engineer

United States

Full-time

Remote

Mid Level

3+ years exp

Dscout is a leading UX research platform trusted by top brands across various industries. They are seeking a Cybersecurity Engineer to enhance their cybersecurity measures, focusing on risk reduction in their SaaS environment and internal IT systems.

Consumer ResearchMarket ResearchProduct ResearchUX Design

Growth Opportunities

Responsibilities

Lead the process to build security into the Dscout SaaS environment. This includes applying security throughout the software development lifecycle

Collaborate with Engineering to plan and implement cybersecurity controls to protect the SaaS environment. This includes applying leading practices to secure AWS resources (e.g., VPCs, EC2 instances, and containers)

Continually enhance security monitoring of the SaaS environment and internal IT services by implementing SIEM and working with Engineering to continuously improve logging and auditability

Assess evolving threats and develop recommendations to mitigate risk to Dscout. You will provide weekly threat intelligence reports highlighting potential risk to the organization

Work side-by-side with Engineering to analyze, contain, and mitigate cyber attacks and other related incidents

Perform vulnerability monitoring and, where appropriate, ensure remediation

Participate in the development of security policies and processes

Assist third party risk reviews

Provide recommendations to continually improve security controls

Assist in development of security programs and efforts to promote security awareness

Qualification

AWS securityOWASP Top 10Security monitoring toolsSecurity policiesTerraformCloud computingCI/CD securityISO 27001HITRUST certificationCuriosityRisk managementCommunication skillsDocumentation skillsPresentation skillsTeam collaboration

Required

Experience working with developers to conduct security reviews and provide strong recommendations to manage risk. This includes a strong understanding and practical use of OWASP Top 10 (web and AI)

Experience securing AWS cloud environments and infrastructure as code solutions such as Terraform

Proven ability to implement security monitoring tools such as Datadog. This includes the ability to identify relevant scenarios and ensure proper logging

Experience responding to cyber attacks such as bots and account compromise as well as threats like data leakage and infected computers

Strong knowledge of cloud computing environments

Working knowledge of security in software development and continuous integration/continuous delivery (CI/CD)

Experience documenting and implementing security policies and processes

Knowledge of security frameworks and standards: ISO 27001, NIST, or SANS preferred

Experience with HITRUST and/or SOC 2 certification is preferred

Good communication, documentation and presentation skills

Limitless curiosity and insatiable appetite to understand human behavior and relevant technologies

Bachelor's degree is preferred

CISSP, CCSP, or GIAC security certification preferred

A minimum of 3 years of security experience