Cybersecurity Engineer

Summary

Join ARC Group as a Cybersecurity Engineer in a fully remote position, working Eastern Time zone business hours. This contract role, extending to January 2026 with potential for extension or conversion to full-time employment, offers significant career growth within a well-respected organization. The position focuses on ensuring application and API security by collaborating with cross-functional development teams. You will be responsible for identifying and remediating security vulnerabilities, implementing secure coding practices, and balancing security with business needs for rapid application deployment. The ideal candidate possesses expertise in API and UI security, secure coding, and relevant security tools and technologies.

Requirements

• 4+ years of experience in cyber security, with a focus on secure development and deployment
• Strong understanding of secure coding practices, threat modeling, and risk assessment
• Experience with Azure / EntraID
• Experience with Single Sign On using SAML or OAuth
• Experience with security tools such as Postman, Burp Suite, etc. and vulnerability management
• Experience with scripting languages such as PowerShell or Python
• Excellent communication and collaboration skills, with the ability to work with technical and non-technical stakeholders
• Strong problem-solving skills, with the ability to analyze complex security issues and develop effective solutions
• Familiarity with API security frameworks and protocols (OAuth, JWT), as well as UI development frameworks and tools
• Related Bachelor's degree or additional related equivalent work experience
• Cybersecurity Engineer Defense and Threat Operations: SSCP
• Cybersecurity Engineer Enterprise Cybersecurity Services: SSCP
• Must have scripting experience
• Must have Azure experience, preferably EntraID
• Must be familiar with OWASP top 10
• Experience with the OWASP Top 10 and remediation strategies
• Experience with the creation of both technical and non-technical documentation
• Experience with agile development methodologies
• Experience with CI/CD pipelines and tools such as Jenkins
• Required Work Experience: 4+ years related work experience
• 2+ years in Cybersecurity
• 2+ years Information Technology Infrastructure

Responsibilities

• Collaborate with developers throughout the software development lifecycle to ensure security best practices are integrated into application design and development
• Review scan findings and work with developers to remediate security vulnerabilities and implement fixes within their applications
• Work with application owners to enable single sign on via standards such as SAML or OAuth
• Work with application owners to manage access control via conditional access policies
• Partner with developers to ensure secure coding practices and mitigate security risks
• Provide security guidance and recommendations to development teams to ensure compliance with security standards and regulations
• Develop and maintain security documentation, including threat models, risk assessments, and security requirements
• Stay current with emerging security threats and technologies, applying this knowledge to improve our overall security posture
• Enable the business to rapidly and securely deploy applications balancing security with business needs