Cyber Security Engineer IV

RegScale is a continuous controls monitoring (CCM) platform purpose-built to deliver fast and efficient GRC outcomes. We help organizations break out of the slow and expensive realities that plague legacy GRC tools by bridging security, risk, and compliance through controls lifecycle management. By leveraging CCM, organizations experience massive process improvements like 90% faster certification times, and 60% less audit prep time. Today’s expansive security and compliance requirements can only be met with a modern, CCM based approach, and RegScale is the leader in that space.  

Position:

Are you ready to elevate your career with a critical role at an innovative startup that's disrupting the compliance industry? We’re looking for a Cyber Security Engineer who thrives on solving complex problems and defending sensitive data from sophisticated threats. In this role, you’ll be responsible for hardening systems, automating patching, managing incident response, and integrating security tools into our SaaS application. You’ll work closely with our engineering team to ensure the resilience and integrity of our infrastructure. If you’re passionate about cybersecurity and excited to make an impact in a fast-paced, high-growth environment, we’d love to meet you.

This hybrid position is primarily remote, with periodic in-person strategy and design sessions. Candidates must be U.S. citizens and able to pass a background check and unannounced drug testing. We know how vital this role is to our success and offer an exceptional compensation package, including a competitive salary and significant stock options. If you're ready to take on cutting-edge challenges and grow with a mission-driven team, we want to hear from you.

Activities:

• Harden systems in accordance with guidance from the Director of Information Security
• Patching of Virtual Machines (VMs) and Endpoints
• Configuration of Microsoft Defender and Intune for device management, patching, and compliance
• Onboarding and offboarding of accounts and devices for RegScale employees and support contractors
• Development of secure policies in Azure for creating new infrastructure
• Configuration of Sentinel for security logging and incident response
• Automation of incident response and tuning of logs/alerts in Sentinel
• Responding to cyber incidents including reporting, malware removal, and related remediation activities
• Develop DevOps scripts to automate cyber security processes
• Deliver assigned user stories while working in an Agile Project management environment
• Self-starter who will continuously learn and develop
• Develop technical documentation in Markdown language or within Wikis
• Delivering on schedule for assigned security deliverables

Required Skills:

• Significant knowledge of system administration practices with a specific focus on Linux
• Configuration of cloud security services with prior experience in Microsoft Azure preferred
• Automation of patching programs
• Significant scripting experience for automation of cyber security tasks using Powershell, Bash, or other common languages
• Experience hardening systems using CIS Benchmarks, STIGs, or other guidance
• Collaborating with the Director of Information Security on the compliance of RegScale systems to support audits and certifications
• Experience with Linux Command Line Interfaces (CLIs) and SSH
• Familiarity with common security tools and practices
• Familiarity with Incident Response processes and procedures with specific focus on Azure Sentinel and the Kusto Query Language (KQL)
• Willingness to participate in and learn from our Agile Project Management and Scrum processes while operating in a geographically distributed project environment

Education/Training, Qualifications, and Certification:

• Minimum of a Bachelor’s Degree in Computer Science or similar technical/engineering degree and 6 years experience, or
• Minimum of Master’s Degree in Computer Science or similar technical/engineering degree with 4 years of professional experience
• Non-degree - minimum of 10 years experience in IT with direct and extensive cyber security experience
• Azure AZ-900 and AZ-500 certification required, or the ability to achieve the certifications within 6 months of hiring.
• Security certifications are highly desired
• Strong written and verbal communication skills while being a team player
• Must be a US Citizen and capable of passing a background check and random periodic drug testing