Summary
Join Apprentice, a rapidly growing life science company, as a Cybersecurity Engineer. You will play a key role in securing our cloud-based platforms, ensuring compliance, and mitigating cybersecurity risks. This mid to senior-level position requires 5-9 years of experience in cybersecurity. You will collaborate with cross-functional teams, design and implement security measures, and respond to security incidents. The role involves vulnerability management, security architecture, compliance, and risk assessment. Apprentice offers a generous benefits package, including health insurance, unlimited PTO, paid parental leave, and a remote-friendly work environment.
Requirements
- Bachelorβs degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)
- 5-9 years of experience in cybersecurity, including experience in SaaS, cloud security, or software development environments
- Strong knowledge of security frameworks and standards such as ISO 27001, NIST, CIS, SOC 2, or GDPR
- Experience with cloud security tools and technologies (e.g., AWS Security Hub, Azure Defender, GCP Security Command Center)
- Proficiency in security tools such as SIEM systems, vulnerability scanners, and endpoint protection solutions
- Hands-on experience in incident response, threat hunting, and malware analysis
- Strong scripting and programming skills (e.g., Python, Bash, PowerShell) to automate security tasks
- Excellent analytical, problem-solving, and communication skills
- Relevant certifications such as CISSP, CISM, CEH, AWS Certified Security β Specialty, or equivalent
- Experience with Zero Trust security models and architecture
- Knowledge of secure software development practices and tools (e.g., SAST, DAST)
- Familiarity with data privacy laws and regulations such as CCPA and HIPAA
Responsibilities
- Design and Implement Security Controls: Develop and implement security measures to protect the companyβs cloud-based SaaS infrastructure, applications, and data
- Threat Detection and Incident Response: Monitor for and respond to security incidents, investigate breaches, and lead incident response efforts to minimize impact and prevent recurrence
- Vulnerability Management: Conduct regular security assessments, vulnerability scans, and penetration testing, and recommend remediation strategies
- Security Architecture: Collaborate with engineering teams to ensure secure design and architecture of SaaS applications and infrastructure
- Compliance and Governance: Ensure compliance with security standards such as ISO 27001, SOC 2, GDPR, and other relevant regulations
- Cloud Security: Develop and enforce best practices for securing cloud platforms such as AWS, Azure, or Google Cloud, including IAM, network security, and container security
- Risk Assessment: Identify and assess potential security risks, develop risk mitigation strategies, and maintain risk management documentation
- Security Automation: Implement automation solutions for security processes, such as log analysis, vulnerability patching, and compliance checks
- Training and Awareness: Provide security training and awareness programs to employees to promote a culture of security
Preferred Qualifications
- Experience working with tools such as DataDog, Okta, CloudFlare, WAF, AWS, Terraform, Python, or any other coding languages are highly desirable
- Familiarity with DevSecOps practices and tools (e.g., Jenkins, GitLab CI/CD, Terraform, Kubernetes)
Benefits
- Generous benefits package (health, dental, vision)
- Unlimited PTO
- Every employee is a shareholder!
- Paid parental leave
- Remote-friendly & flexible with a $250 at-home work setup stipend
- 16 company holidays, including one week off for the 4th of July and the week off between Christmas and New Year
- Generous 401k match and contribution