The Cybersecurity Engineer is responsible for protecting the company's systems and data by designing, implementing, and maintaining optimal cybersecurity measures. This role involves hands-on cybersecurity engineering as well as participation in compliance and auditing tasks, with a primary focus on SOC and PCI standards.
Responsibilities
· Design, implement, and maintain cybersecurity measures to ensure the secure operation of the company's systems and data.
· Perform regular security audits and vulnerability assessments, providing actionable recommendations to mitigate identified risks.
· Oversee compliance with Payment Card Industry Data Security Standards (PCI DSS) and Service Organization Control (SOC) 2/3 privacy standards.
· Collaborate with IT and business stakeholders on the development and enforcement of security standards and best practices.
· Actively participate in incident response procedures, including the investigation of security breaches, identifying vulnerabilities, and ensuring they are adequately addressed.
· Assist with responses to audit and diligence requests from the company's partners and clients.
· Stay informed on the latest cybersecurity threats and trends, educating and engaging internal stakeholders on changes that may warrant updates in security procedures.
· Contribute to the development and updating of enterprise information security policies and standards.
· Assist with security-related documentation and reporting as needed.
Requirements
· Minimum 2 years experience as DevOps, System Administrator, or Network Engineer
· Hands-on experience with PCI-DSS and SOC 2/3 standards or experience with a similar control framework.
· Experience in Linux is a must
· Experience in security incident response and management.
· Proficiency in various information security technologies, networks, and operating systems.
· Understanding of privacy and security issues that arise in a technology-focused, data-driven business.
· Strong analytical skills and ability to solve complex technical problems.
· Excellent communication and documentation skills.
· Proactive and collaborative team player who can work well in a fast-paced environment.
· Experience with cloud-based systems and technologies.
· Education, Certifications, and Experience Minimum
· Bachelor’s degree in Cybersecurity, Computer Science or related field, or equivalent work experience; Master's degree a plus
· Education, Certifications, and experience Preferred
· 4+ years of experience in cybersecurity engineering and IT audit/compliance.
