Cyber Security Engineer

Summary

Join Apprentice, a rapidly growing life science company, as a Cybersecurity Engineer. You will play a key role in securing our cloud-based platforms, ensuring compliance, and mitigating cybersecurity risks. This mid to senior-level position requires 5-9 years of experience in cybersecurity. You will collaborate with cross-functional teams, design and implement security measures, and respond to security incidents. The role involves vulnerability management, security architecture, compliance, and risk assessment. Apprentice offers a generous benefits package, including health insurance, unlimited PTO, paid parental leave, and a remote-friendly work environment.

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)
• 5-9 years of experience in cybersecurity, including experience in SaaS, cloud security, or software development environments
• Strong knowledge of security frameworks and standards such as ISO 27001, NIST, CIS, SOC 2, or GDPR
• Experience with cloud security tools and technologies (e.g., AWS Security Hub, Azure Defender, GCP Security Command Center)
• Proficiency in security tools such as SIEM systems, vulnerability scanners, and endpoint protection solutions
• Hands-on experience in incident response, threat hunting, and malware analysis
• Strong scripting and programming skills (e.g., Python, Bash, PowerShell) to automate security tasks
• Excellent analytical, problem-solving, and communication skills
• Relevant certifications such as CISSP, CISM, CEH, AWS Certified Security – Specialty, or equivalent
• Experience with Zero Trust security models and architecture
• Knowledge of secure software development practices and tools (e.g., SAST, DAST)
• Familiarity with data privacy laws and regulations such as CCPA and HIPAA

Responsibilities

• Design and Implement Security Controls: Develop and implement security measures to protect the company’s cloud-based SaaS infrastructure, applications, and data
• Threat Detection and Incident Response: Monitor for and respond to security incidents, investigate breaches, and lead incident response efforts to minimize impact and prevent recurrence
• Vulnerability Management: Conduct regular security assessments, vulnerability scans, and penetration testing, and recommend remediation strategies
• Security Architecture: Collaborate with engineering teams to ensure secure design and architecture of SaaS applications and infrastructure
• Compliance and Governance: Ensure compliance with security standards such as ISO 27001, SOC 2, GDPR, and other relevant regulations
• Cloud Security: Develop and enforce best practices for securing cloud platforms such as AWS, Azure, or Google Cloud, including IAM, network security, and container security
• Risk Assessment: Identify and assess potential security risks, develop risk mitigation strategies, and maintain risk management documentation
• Security Automation: Implement automation solutions for security processes, such as log analysis, vulnerability patching, and compliance checks
• Training and Awareness: Provide security training and awareness programs to employees to promote a culture of security

Preferred Qualifications

• Experience working with tools such as DataDog, Okta, CloudFlare, WAF, AWS, Terraform, Python, or any other coding languages are highly desirable
• Familiarity with DevSecOps practices and tools (e.g., Jenkins, GitLab CI/CD, Terraform, Kubernetes)

Benefits

• Generous benefits package (health, dental, vision)
• Unlimited PTO
• Every employee is a shareholder!
• Paid parental leave
• Remote-friendly & flexible with a $250 at-home work setup stipend
• 16 company holidays, including one week off for the 4th of July and the week off between Christmas and New Year
• Generous 401k match and contribution