Raft is hiring a
Senior Cybersecurity Engineer in United States

Summary

The job is for a Senior Cybersecurity Engineer at Raft, a customer-focused small business in the U.S. The role involves implementing and maintaining security solutions, participating in security testing, and assisting with incident response activities. The position requires 4-6 years of experience in various cybersecurity domains and prefers additional qualifications.

Requirements

• 4-6 years of hands-on experience implementing IAM, SIEM, IaC, and CaC solutions such as Okta, Keycloak, Splunk, ELK, Terraform, Puppet, Chef, or MITRE SAF
• 2+ years of experience configuring & maintaining security tooling such as vulnerability & compliance scanners, SAST & DAST, EDR, audit logging, etc
• 2+ years of experience with AWS cloud security offerings such as CloudTrail, CloudWatch, Inspector, GuardDuty, Shield, Secrets Manager, etc
• 2+ years of experience implementing automated validations of RMF controls (e.g., NIST 800-53) in container or VM images
• Experience with securing and hardening Linux virtual machines and containers
• Proven experience in software systems development via CI/CD pipelines (Gitlab Pipelines)
• Understanding of secure network & system architectures, virtualization & cloud technologies, application security, encryption technologies, and IPS/IDS technologies
• Experience with defense-in-depth security engineering and conducting security testing against the environment
• Working knowledge of DevSecOps methodologies & implementing security tooling within CI/CD pipelines
• Familiarity with containerization technologies such as Kubernetes & Docker and related scanning tools such as TwistLock, Trivy, Zarf, JFrog Xray, or Anchore
• Understanding of on-prem & cloud-based Linux & Windows systems hardening using DISA STIGs & SRGs or other industry best practices
• Hands-on experience with relevant security documentation such as SBOMs, PPS lists, data flow & network diagrams, and SSPs
• Willing to occasionally work in a classified environment such as a Closed Area or SCIF on a quarterly basis
• Stay current with industry trends, making recommendations as needed to help the company excel
• Obtain CompTIA Security+ or other DoD 8570 IAT Level II or higher certification within the first 90 days of employment with Raft

Responsibilities

• Implement and maintain security solutions
• Participate in security testing
• Assist with incident response activities

Preferred Qualifications

• Experience with programming languages such as Python, Go, Java, JavaScript, TypeScript, C#
• Implement and improve development and security best practices by building necessary CICD pipeline jobs (Linting, SCA, SAST, Vulnerability scanning)

Benefits

• Highly competitive salary
• Fully covered healthcare, dental, and vision coverage
• 401(k) and company match
• Take as you need PTO + 11 paid holidays
• Education & training benefits
• Annual budget for your tech/gadgets needs
• Monthly box of yummy snacks to eat while doing meaningful work
• Remote, hybrid, and flexible work options
• Team off-site in fun places!
• Generous Referral Bonuses