Skip to content
BlackCloakBlackCloakUnited States

CyberSecurity & Identity Protection Engineer (Tier 3)

Tier 3 engineer deploys/manages EDR tools, conducts incident response, vulnerability assessments, and identity protection for clients. Monitors threats, automates workflows with SOAR/Python, and handles fraud resolution. Requires 3+ years cybersecurity experience.

110k – 130k/yr
Remote3+ YOESecurity Engineering

About the role

Responsibilities

  • Deploy and configure Endpoint Detection and Response (EDR) agents across client environments. Customize detection policies to minimize false positives.
  • Analyze EDR telemetry to detect "living off the land" attacks and anomalies.
  • Actively monitor client endpoints for malicious indicators, isolate compromised devices, and communicate incidents.
  • Generate monthly executive summaries for clients detailing blocked attacks, health status, and ROI.
  • Schedule and run vulnerability scans on client networks, execute penetration tests, review results, prioritize patches, and verify remediation.
  • Monitor threats and vulnerabilities for Smart Home and IoT devices, assist in hardening home networks.
  • Proactively monitor Dark Web and criminal forums for compromised credentials, leaked data, or domain spoofing.
  • Manage credit monitoring platform, alert clients to identity alerts indicating fraud.
  • Serve as case manager for identity theft incidents, handle end-to-end resolution.
  • Assist in restoration of compromised accounts including synthetic identity fraud, medical identity theft, and tax refund fraud.
  • Hunt for client PII on people-search sites and data brokers, manage opt-out process.
  • Identify repetitive tasks and build SOAR playbooks or scripts (Python/PowerShell) to automate.
  • Evaluate and implement AI-driven tools and Machine Learning features to enhance threat detection.
  • Optimize API integrations between identity platforms, EDR, and ticketing systems.
  • Conduct post-mortem reviews, update SOPs, codify IOCs.
  • Develop custom scripts, tools, or methodologies for Incident Response.
  • Develop reports of forensic findings and IR activities.
  • Participate in on-call rotation, knowledge transfer, mentoring, R&D on cyber trends.
  • Work with engineering, product, and sales teams.

Requirements

  • 3-5+ years of experience in Cybersecurity, Fraud Analysis, or Security Engineering.
  • Penetration and vulnerability testing experience.
  • Windows and macOS forensic investigation and vulnerability management.
  • Experience deploying, managing, and optimizing EDR tools (CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, Carbon Black, Sophos Intercept X).
  • Experience developing detection alerting using automation and SOAR.
  • Technical knowledge of Windows, macOS, iOS, Android, Linux.
  • Solid understanding of US Credit System (Bureaus, FICO, FCRA).
  • Experience managing identity monitoring platforms.

Nice-to-Haves

  • College degree in IT/CS/CE or equivalent.
  • Certifications: CISSP, CCSP, CFCE, GIAC, OSCP, OSCE, Security+, CEH, CIPP, CIPA.

Skills

Crowdstrike FalconSentineloneMicrosoft Defender For EndpointCarbon BlackSophos Intercept XEdrSoarPythonPowerShellAIMachine LearningWindowsmacOSLinuxIot
Oneleet

Application Software Engineer, Endpoint Security

OneleetBeaverton, OR

Develops and maintains cross-platform endpoint security agent for Windows, macOS, and Linux using Go and JavaScript. Handles system monitoring, threat detection, secure cloud communication, and compliance enforcement. Requires 5+ years systems programming experience and OS internals knowledge.

110k – 180k/yr
Remote5+ YOESecurity Engineering
Metropolis

Security Engineer II

MetropolisLos Angeles, CA

Security Engineer II responsible for monitoring security alerts, responding to incidents, administering enterprise security tools, and supporting cloud and identity security initiatives. Requires 3+ years in cybersecurity or related fields with strong scripting and troubleshooting skills.

105k – 150k/yr
On-site3+ YOESecurity Engineering
Metropolis

Security Engineer II

MetropolisNew York, NY

Security Engineer II responsible for monitoring and responding to security alerts, administering enterprise security tools, supporting vulnerability and IAM programs, and securing cloud environments. Requires 3+ years in cybersecurity or related fields and scripting experience.

115k – 160k/yr
On-site3+ YOESecurity Engineering
Twenty

IT Security Engineer

TwentyArlington, VA

IT Security Engineer responsible for designing, implementing, and maintaining enterprise security infrastructure including firewalls, SIEM monitoring, vulnerability management, IAM, and compliance. Requires 5+ years IT security experience, strong networking and cloud knowledge.

116k – 195k/yr
On-site5+ YOESecurity Engineering
Launchdarkly

Security Analyst - Governance, Risk, and Compliance

LaunchdarklySan Francisco, CA +9

The Security Analyst III will define, implement, and operate security and privacy programs, driving initiatives to assess and reduce security risks and maintain compliance with frameworks like ISO 27001, SOC 2 Type II, and FedRAMP.

116k – 188k/yr
RemoteSecurity Engineering