[Remote] Senior Cyber Security Engineer
Note: The job is a remote job and is open to candidates in the USA.

Stack AV is developing revolutionary AI and advanced autonomous systems for the trucking transportation industry. The Cyber Security Engineer role involves securing Stack AV's environment, developing threat detection capabilities, and leading security investigations and incident response efforts.

Responsibilities
- Develop new cyber detections for threats and other use cases using our SIEM and other security tooling
- Develop automated processes for triaging security incidents and for incident response in general
- Assess software and service requests from within the organization
- Deploy and develop solutions to better secure Stack AV's infrastructure, data, and people
- Conduct and/or arrange vulnerability and other security assessments on Stack's infrastructure
- Respond to security incidents and drive the effort to mitigate and/or remediate findings

Skills
- Experience working with and managing Security Information and Event Management (SIEM) tools such as Splunk, Sumo Logic, Elastic, etc.
- Threat hunting experience across endpoint, network, DNS, email, EDR, and audit logs, as well as netflow and packet captures
- Experience working with, managing, and utilizing Endpoint Detection and Response (EDR) tools such as CrowdStrike, SentinelOne, Microsoft Defender, etc.
- Thorough understanding of macOS, Linux, and Windows hardening and security best practices
- Experience creating threat and DLP signatures for network, endpoint, email, and cloud/SaaS security solutions to identify potential attacks, exploits, or data exfiltration attempts
- Extensive experience developing and automating incident response policies
- Experience delivering complex projects, including coordinating and driving issues to resolution utilizing excellent technical troubleshooting skills
- A drive to learn and work with industry-leading technologies
- An understanding of network orchestration and automation with Python, Ansible, and Terraform. Any experience automating security operations tasks or using SOAR platforms is a plus
- Experience with DevSecOps practices, including securing containerization technologies (Kubernetes, Docker, etc.), artifact repositories (Artifactory, CodeArtifact, etc.), and CI/CD or version control systems (GitHub, GitLab, etc.)
- Experience working with Secure Access Service Edge (SASE) solutions such as Zscaler, Prisma Access, Netskope, etc.
- Thorough understanding of email security and best practices. Experience working with Secure Email Gateways (SEGs), Mail Transfer Agents (MTAs), and end-user training solutions like KnowBe4 is highly desirable
- Experience with both traditional DLP and Cloud Access Security Broker (CASB) solutions, especially developing data classification policies, signature detection, and response runbooks
- Extensive experience with network security tooling and practices such as layer 7 firewalls and Unified Threat Management (UTM) solutions, Intrusion Detection and Prevention Systems (IDS/IPS), malware sandboxing, Network Detection and Response (NDR) solutions, netflow and telemetry aggregation systems, microsegmentation, web application firewalls (WAFs), load balancers, network taps, DNS security solutions, etc.
- Thorough knowledge of Public Key Infrastructure (PKI), certificate lifecycle management, 802.1X implementation, mTLS, etc.
- Experience with Google Workspace, especially developing Trust Rules to secure and control sensitive data and enhancing DLP capabilities
- Experience with developing information security architectures and securing complex infrastructure environments
- Work with Stack's highly technical software and hardware engineering teams to understand their goals, and deploy tools and solutions that make the data they need for development accessible to them

Company Overview
Stack AV is a transportation-industry company that develops advanced autonomous systems. It was founded in 2023 and is headquartered in Pittsburgh, Pennsylvania, USA, with a workforce of 51-200 employees. Its website is https://www.stackav.com.