Skip to content
RSARSAUnited States

Advisor, Cyber Security

Serve as second-level incident response and security SME, operating and tuning SIEM/SOAR/XDR/WAF tooling while applying Zero Trust and IAM controls across cloud and on-prem environments.

Salary not listed
Remote4+ YOESecurity Engineering

About the role

Principal Responsibilities

  • Serve as second level Incident Response interacting with our third-party SOC and be a security SME on a shared on-call rotation.
  • Operate and tune core detection and response tooling — such as SIEM, SOAR, XDR/EDR, WAF, and NGFW — to sharpen signal and cut noise.
  • Apply identity-centric and Zero Trust controls — access, MFA, and least privilege — alongside the IT platform and product teams.
  • Support security as an enabler in the product and R&D lifecycle, advising engineering on secure-by-design patterns.
  • Be an advocate and enabler for maturing the security controls around data, AI services and our products.
  • Maintain clear documentation, runbooks, develop metrics, and present findings to both technical and non-technical audiences.
  • Deep-dive into security systems as needed to investigate issues and automate recurring tasks through scripting or AI Agents as appropriate.
  • Act as the bridge between technical and non-technical contributors.

Education & Experience

  • Typically, 4+ years of related cybersecurity operations experience with a Bachelor’s degree; or 2+ years with a Master’s degree.
  • Hands-on production operation of multiple security technologies in public cloud (Azure and/or AWS) and on-premises environments — including vulnerability scanning and management, SIEM/logging, WAF, network segmentation and security groups, system hardening/STIG, malware prevention, and incident response.
  • Intermediate grasp of identity and access management and Zero Trust principles — authentication and authorization standards (MFA, SAML, OAuth, OIDC), directory services, and least-privilege access.
  • Working knowledge of networking concepts and of both Linux and Windows host operating systems.
  • Critical-thinking drive — asking what could be, how it could be done better, and pursuing continuous improvement and efficiency through automation — paired with a collaborative work style.
  • Strong written, spoken, and presentation skills, with the ability to communicate security decisions clearly and to translate between technical and non-technical audiences.
  • US Citizen / US Soil.

Desirable Requirements

  • Experience securing customer-facing SaaS environments and familiarity with FedRAMP, SOC 2, NIST, or CSA compliance frameworks; prior work with a government, FedRAMP, or otherwise regulated environment is highly desirable.
  • Experience securing product and R&D or DevSecOps environments — container and Kubernetes security, infrastructure-as-code scanning, and secrets management.
  • Familiarity with securing AI/ML workloads and AI-enabled tooling, and an awareness of emerging AI-driven threats and defensive use cases.
  • Demonstrated group, team, or thought leadership within cloud or security operations initiatives.
  • Experience threat hunting or red-teaming within a complex enterprise environment.
  • Location near Boston area a plus.
  • Industry-standard cybersecurity certifications; a cloud or identity-specific credential is a plus.

Compensation & Benefits

  • Full-time, non-Sales US employees are also eligible for annual discretionary bonuses that are funded based on prior year company performance.
  • RSA Sales team members are eligible to participate in company commission plans.
  • RSA offers its eligible US employees a comprehensive array of benefit programs including flexible paid-time-off, health, disability, and life insurance, and a 401(k) retirement plan with company matching contributions.

Skills

SIEMSoarXdrEdrWafNgfwAzureAWSZero TrustMFASAMLOAuthOIDCKubernetesDevSecOps
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k
On-site3+ YOESecurity Engineering