Cybersecurity Engineer

We’re seeking a self-driven and proactive Cybersecurity Engineer who’s passionate about technology and security. As a Cybersecurity Engineer at FrankieOne, you’ll be pivotal in safeguarding our platform, infrastructure and environment against threats. Reporting to the CISO, your responsibilities include:

Security Design:

• Designing and implementing security solutions that span infrastructure, applications, and data.
• Evaluating and selecting security technologies to meet evolving threats and business needs.

Security Engineering:

• Building and configuring security systems, including firewalls, intrusion detection/prevention systems, SIEM, CNAPP, anti-malware, vulnerability scans and cloud security tools.
• Automating security tasks and integrating security into CI/CD pipelines (DevSecOps).

Security Operations:

• Developing and implementing security operations procedures.
• Leading incident response efforts, including threat analysis, containment, and remediation.
• Managing and optimizing security monitoring and alerting systems.

Security Analysis:

• Conducting threat modelling and risk assessments.
• Analyzing security data and logs to identify threats and vulnerabilities.
• Staying up-to-date on the latest threats and vulnerabilities.

Application Security:

• Integrating security into the software development lifecycle (SDLC).
• Conducting application security assessments and penetration testing (Burp Suite)
• Providing guidance on secure coding practices.

DevSecOps:

• Fully incorporating security into all stages of the development life cycle.
• Automating security testing.
• Building security into cloud (AWS) hosted applications and infrastructure.

Communication:

• Providing security guidance and mentorship to other team members.
• Communicating security risks and recommendations to stakeholders at all levels.
• Creating and maintaining security documentation.
• Participate in audits and compliance assessments.

In a Previous Life You Have:

• Several years in cloud-centric information security roles (ideally AWS), security advisory, application and cloud security (AWS, Burp Suite), security operations, vulnerability management, or incident response.
• Advanced understanding of security principles, protocols, and cloud security.
• Proficiency in secure software architecture and DevSecOps practices.
• Familiarity with Identity Management and Access Control.
• Ability to set up and administer security tools.
• Scripting skills for SOC automation.
• Knowledge of security frameworks (OWASP, MITRE ATT&CK, etc.).
• Awareness of security standards (NIST, ISO 27001, SOC 2).
• Certification like CISSP, GIAC is highly desirable
• Comfortable in fast-paced, cross-functional teams using agile methodologies.

If this sounds like you, let’s chat!