As the InfoSec Manager, you will be responsible for maintaining the high-performance level of our security programs, tools, and technologies. This will include providing the protections needed for the systems, network, databases, and communications.

Position is full-time, on-site. Option of locations:  The Greater Seattle, WA area or Greater Austin, TX area.

You must currently live in the United States. There is no C2C or sponsorship available.

What to expect:

• Supervise and manage the company cybersecurity program while providing comprehensive best practices and compliance of industry standards.
• Perform regular security assessments, vulnerability and penetration testing to ensure the safety of our applications and infrastructure.
• Work with multiple teams to detect potential security risks and develop proactive mitigation measures.
• Implement and enforce security policies, procedures, and training with the emphasis on security awareness.
• Lead the cybersecurity team, provide guidance, and act as mentor.
• Conduct security training for all company team members.
• Be a part of compliance audits and budget planning.
• Continuing education to be up-to-date with the current threats and solutions.
• Occasional on-call and travel needed to various company sites.

What you will need:

• 5 or more years of work experience in the field of Information Security.
• 4 or more years as a team manager in a critical infrastructure environment.
• Multiple IT security certifications, such as CISSP, SSCP Security+, CISSM or equivalent experience.
• Network security techniques such as Micro-segmentation, Proxy servers, Whitelisting, etc.
• Experience working with Microsoft Windows Server, Group Policy/Active Directory.
• Understanding of data diode hardware device.
• Familiarity with next-generation antivirus solutions.
• Background working to identify and mitigate phishing, social engineering tactics, and other cybersecurity threats.
• Knowledge of NIST, Zero Trust Architecture, Least Privilege Access, Operational Technology security, CIS Critical Security Controls, SaaS systems hardening best practices.
• Various management skills: Vulnerability, Identity and Access (SAML, MFA), Asset, Patch.
• Provide Defense in Depth strategy.

Kw: information security manager, infosec manager, cybersecurity, itsecurity, cissp, cissm, sscp security+, critical infrastructure, network security, micro-segmentation, proxy servers, whitelising, microsoft windows server, active directory, data diode, phishing, social engineering, nist, zero trust architecture, least privilege access, operational technology, critical security controls, saas systems hardening, vulnerability, identity and access, saml, mfa, asset, patch, defense in depth

As the Cyber Security Threat Hunter, you will actively seek out malicious actions or threats to the company’s enterprise environment. This will require continuous education in the cyber security intelligence arena to stay up to date with current and emergent security threats and trends.

This is a fully remote position. The company headquarters is Lake Oswego, OR. You must currently live in the United States. There is no sponsorship or C2C.

What to expect:

• Monitor, maintain, and update threat hunt tactics and techniques.
• As the lead, coordinate and support investigations and threat hunts with security team.
• Provide advanced event and incident analysis that includes establishing the baseline and trend activity.
• Support incident response and other security operation center activities.
• Maintain and fine tune security alerting systems.
• Present status reports to the executives on the state of the company’s security status.
• Using security analysis, identify and guide the resources needed for the security team to be successful.

What you will need:

• Bachelor’s Degree in IT is preferred.
• 5 or more years of enterprise experience in the IT field of cyber security.
• Skills using Mitre Att&ck, TTP, ATP, IOC.
• Familiarity of the techniques used by Hackers to breach the system.
• Strong skills in scripting languages, like Python, PowerShell, or Bash.
• Knowledgeable of complex business networks and firewalls.
• Ability to convert intelligence into active modifications and technical recommendations to maintain control.
• Background experience securing or responding to virtual or real-world attacks.
• Solid understanding of a variety of malware factions and network attack routes.
• Be a team player who really enjoys the field of IT Security.

Bonus:

• Proficiency in using SIEM
• Splunk monitoring
• SOC
• Security certifications, especially Ethical Hacker

Kw: it security analyst, cyber security analyst, threat hunter, python, powershell, bash, mitre att&ck, ttp, atp, ioc, networks, routers, switches, firewalls, malware

As the IT Security Analyst, your primary responsibility is to identify and mitigate probable threats throughout the company information systems, networks, and applications. You will be working for an international manufacturing company located in Lake Oswego, OR.

There is no sponsorship or C2C. You must currently live in the United States. Greater Portland, OR; Lake Oswego area is preferred.

What to expect:

• Conduct searches to identify possible security threats and vulnerabilities.
• Analyze security incidents to determine the root cause, overall impact and implement resolutions.
• Fully participate in incident response to contain, eliminate, and recover.
• Provide detailed documentation of all aspects that include search procedures, findings, and remediation actions.
• Utilize security tools, technologies, and methodologies.
• Assist in developing and implementing security awareness training programs.
• Continuous research to be up to date on the latest threats, evolving vulnerabilities, and attack techniques.

What you will need:

• A minimum of 2 years in an information security role.
• 5 years or more in the Information Technology field.
• Strong skills using security tools and technologies, including SIEM, intrusion detection systems (IDS/IPS), endpoint detection, response solutions (EDR), and threat intelligence platforms.
• Background using Python, PowerShell, or Bash.
• Familiarity with current/emerging security threats, attack vectors and techniques used by system hackers.
• Strong verbal and writing skills.
• Ability to convey security concepts to technical and non-technical stakeholders.

Bonus:

• IT Security certifications

Kw: it security, it security analyst, siem, intrusion detection, ids/ips, endpoint detection, response solutions, edr, threat intelligence, python, powershill, bash

Opportunity for full-time, permanent, remote work.

Are you passionate about security and you really like solving problems? Do you like consulting and solving customer problems? Or maybe you have a couple of ethical hacker friends and you would enjoy working with each other architecting Application Security?

If any of the above sound appealing, we have several open positions working for a small, stable, profitable security company that is in the Pacific Northwest. They pride themselves on providing their employees with a balanced work/life environment.

Locations available:  Areas include Austin, TX;  Denver, CO; Seattle, WA; Portland, OR; San Francisco Bay Area, CA

There is no sponsorship or C2C for this position. You must currently reside in the United States.

What you will need:

• Minimum of 5 years of experience in AppSec Engineering.
• Strong understanding of SQL injections.
• Knowledge of Application vulnerabilities.
• Coding skills in multiple languages (C# is preferred, Java, JavaScript).
• Understanding of multiple databases, including NoSQL databases (SQL server, Oracle, MongoDB, Postgres, CouchDB).
• Work with customers and have a high level of customer support skills.

• We also need someone willing to be flexible and just work to solve problems and reverse engineer as needed.
• Experience working remotely with a consulting company is a plus.

Certifications & Education

• The company is more interested in candidates who have the passion and curiosity of security than a formal education.
• Degree in Computer Science or Engineering is a plus.
• Certified Ethical Hacker
• CISSP, CEH, OSCP, Security+, CISM, CISA, CRISC, CCIE

Kw: application security engineer, appsec engineer, sql, coding, c#, java, javascript, databases, nosql, sql server, oracle, mongodb, postgres, couch, certified ethical hacker, ceh, oscp, security+, cism, cisa, crisc, ccie