Cyber Security Engineer

Nrg, Inc
Lehi, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Lehi, United States of America

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Azure
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
System Configuration
Identity and Access Management
Intrusion Detection Systems
Key Management
Network Security
Microsoft Software
Network Segmentation
Network Protocols
PCI Data Security Standards
Security Information and Event Management
Data Logging
Cloud Platform System
Cyber Threat Analysis
Amazon Web Services (AWS)
Information Technology
CIS Benchmarks
Prisma Cloud Platform
Serverless Computing
Vulnerability Analysis

Job description

Position Summary: The Cyber Security Engineer is responsible for maintaining security measures that protect the organization's systems, cloud workloads, and data. This role focuses on identifying vulnerabilities and risks, operating security tools across on-premises and cloud environments, providing security guidance to engineering teams, and supporting incident response efforts., * Cloud posture across AWS (and/or Azure/GCP), identify misconfigurations and risks, and drive remediation by partnering with cloud and application owners.

  • Provide security guidance and advisory support to cloud, infrastructure, and development teams on secure configuration, IAM, encryption, network segmentation, and logging.
  • Support secure cloud architecture reviews and ensure alignment with the Framework (Security Pillar), CIS Benchmarks, and organizational cloud security standards.
  • Understanding of Network protocols and network security Tools like NAC, IPS.
  • Administer IAM platforms and integrations (e.g., SSO, MFA, directory services, conditional access) across on-premises and cloud environments.
  • Conduct vulnerability assessments across on-premises, cloud, and container workloads to identify potential risks.
  • Assist in the remediation of vulnerabilities by working closely with IT, cloud, and development teams.
  • Assist in deploying, configuring, and maintaining security tools such as IDS/IPS, endpoint protection, SIEM, and WAF.
  • Assist in the development, implementation, and enforcement of security policies and procedures, including cloud security standards and guardrails.
  • Perform routine audits to ensure security compliance with organizational policies and regulatory requirements (e.g., NIST CSF, PCI DSS, SOX) across hybrid and cloud environments.
  • Research and stay informed about current cybersecurity threats, vulnerabilities, cloud attack techniques, and best practices.
  • Provide technical support and guidance to IT, cloud engineering, and development staff on security-related issues.

Requirements

  • Hands-on experience operating a CSPM/CNAPP platform (Orca preferred; Wiz, Prisma Cloud, or Defender for Cloud also relevant).
  • Working knowledge of at least one major cloud provider (AWS preferred), including native security services (e.g., GuardDuty, Security Hub, IAM Identity Center, KMS, CloudTrail, WAF/Shield).
  • Strong understanding of cloud security concepts including IAM, key management, network security (VPC, transit gateway, private endpoints), logging/monitoring, and shared responsibility models.
  • Ability to interpret cloud misconfiguration findings, assess risk, and clearly communicate remediation guidance to cloud and application teams.
  • Exposure to container and serverless security concepts (e.g., EKS, ECS, Lambda) is a plus.
  • Cloud security certifications such as AWS Certified Security - Specialty, AWS Certified Solutions Architect, Microsoft SC-200/AZ-500, or CCSP are highly desired.
  • Bachelor's degree in Cyber Security, Computer Science, or related field or equivalent relevant work experience.
  • 2-5 years of experience in cyber security or related roles, including exposure to cloud environments.
  • Additional certifications such as Security+, CEH, or CySA+ are desired.
  • Knowledge of security tools, technologies, and best practices across enterprise and cloud environments.
  • Strong understanding of networking and operating systems.
  • Analytical and problem-solving skills with attention to detail.
  • Ability to work collaboratively in a team environment and communicate technical concepts effectively.

Apply for this position