Senior Cyber Security Engineer

We are seeking a highly experienced Senior Cybersecurity Engineer to lead the design, assessment, and continuous improvement of our security posture, with a primary focus on protecting and hardening our external attack surface. This role requires deep technical expertise across multiple security domains, combined with the ability to architect scalable, automated solutions and proactively defend against emerging threats—including those leveraging artificial intelligence. You will operate as both a strategic architect and a hands-on engineer, partnering closely with cross-functional teams while independently driving key security initiatives.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Perimeter & Attack Surface Security

• Lead discovery, assessment, and continuous monitoring of external attack surface (domains, IP space, cloud assets, shadow IT)
• Design and implement controls to reduce exposure and improve resilience
• Conduct and oversee penetration testing activities, coordinating third parties and providing augmentation and oversight
• Build and mature vulnerability management programs, including prioritization and remediation workflows

Security Engineering

• Design and implement security solutions across network, cloud, and application layers aligning with industry best practice and compliance standards
• Evaluate and integrate tools for threat detection, prevention, and response
• Define and enforce security standards, patterns, and best practices
• Extend attack surface discovery to include OT assets and unmanaged devices
• Improve unified visibility across IT, cloud, and manufacturing environments
• Address shadow OT / undocumented assets

Automation & Scalability

• Identify opportunities to automate security processes (e.g., vuln triage, asset discovery, alerting, reporting)
• Develop scripts, pipelines, or tooling to improve efficiency and reduce manual effort
• Partner with engineering teams to embed security into CI/CD and operational workflows
• Assess and secure third-party access (vendors, OEMs, remote maintenance channels)
• Evaluate risks in hardware, firmware, and software supply chains
• Support SBOM (Software Bill of Materials) and component traceability initiatives

AI & Emerging Threats

• Assess risks related to AI-driven threats (e.g., automated attacks, deepfakes, adversarial AI)
• Support design and implement defensive strategies leveraging AI/ML where appropriate
• Provide guidance on secure adoption and creation of guardrails for AI technologies internally

Collaboration & Leadership

• Work closely with infrastructure, DevOps, product, and leadership teams to align on security priorities
• Translate technical risks into business impact for stakeholders
• Lead or influence security initiatives from concept through execution
• Mentor junior engineers and promote a strong security culture