Cybersecurity Engineer

About The Position

Requirements

• Bachelor’s degree or above in Cybersecurity, Computer Science, Information Technology, or related field.
• 1–3 years of hands-on cybersecurity experience, including vulnerability management, security operations, and security engineering roles.
• Solid understanding of common cyber threats, attack techniques, and defensive controls, with practical experience identifying and responding to security issues.
• Hands-on experience with vulnerability scanning, port scanning, and security testing, including analysis and validation of findings.
• Familiarity with web application security concepts and common vulnerabilities, including OWASP Top 10.
• Experience supporting security monitoring, alert triage, and incident response in production or enterprise environments.
• Foundational knowledge of Linux systems and networking fundamentals (TCP/IP, HTTP/HTTPS, DNS, firewalls).

Nice To Haves

• Hands-on experience from labs, internships, CTFs, or security training environments
• Exposure cloud security monitoring or detection tools.
• Practical experience with penetration testing, exploitation techniques, and offensive security tooling, or active preparation for hands-on certifications such as OSCP, OSWE, OSEP, OSED, OSMR, PNPT, CRTO, or similar practical security certifications.
• Prior experience in the financial services industry is a plus but not required.
• Proficiency in Spanish and/or Chinese (Mandarin) is a plus.

Responsibilities

• Support vulnerability management activities, including vulnerability scanning, severity assessment (CVSS), remediation tracking, and validation of fixes.
• Work with engineering teams to support security controls within CI/CD pipelines and development workflows.
• Assist in identifying, analyzing, and validating vulnerabilities, with a solid understanding of OWASP Top 10 risks.
• Participate in security operations, including daily alert monitoring, triage, and incident response activities.
• Support DDoS incident response and assist with basic attack investigation and log analysis.
• Continuously optimize and tune security alerting and detection rules to reduce false positives.
• Perform vulnerability scans, port scans, and authorized penetration testing for internal systems and office environments.
• Research and evaluate security tools and solutions (e.g., WAF, EDR, DLP, PAM, vulnerability scanners, cloud security tools) to support security program development.
• Assist with implementing and maintaining AWS cloud-native security controls, including IAM, network security, logging, and monitoring.
• Document security findings clearly and work with relevant teams to ensure issues are tracked and resolved.

Benefits

• Comprehensive Health Coverage: 100% paid medical and dental insurance for employees and dependents, vision insurance, and more!
• Financial Support: 401(k) match, commuter benefits for NY positions, and short-term disability coverage.
• Work-Life Balance: Generous time off that increases with tenure, paid parental leave, personal days, sick time, volunteer days and company holidays.
• Wellness & Pet Care: Fitness and wellness benefits, plus pet insurance for your furry friends.
• Investing in Your Future: We provide tuition reimbursement to help you pursue relevant degrees, certifications, and training that align with your career goals.
• Dynamic Office Perks: Catered breakfast (every Monday) & lunches (every Friday), fully stocked kitchens, and monthly happy hours to connect and collaborate.