As the new member of the InfoSec team, this role will own critical security initiatives end-to-end, working side-by-side with Engineers to harden our cloud-native SaaS platform and significantly raise our overall security posture. This is a high-impact, high-autonomy role perfect for a self-starter who enjoys building and deploying scalable security processes in a scale-up environment.
Job listings
We are seeking a knowledgeable and motivated Certified CMMC Professional (CCP) to support the delivery of CMMC readiness and advisory services for clients in the Defense Industrial Base (DIB). This role serves as a trusted advisor, assisting clients with documentation, gap assessments, remediation planning, and readiness activities in preparation for formal CMMC assessments conducted by Certified Third-Party Assessment Organizations (C3PAOs).
As a SOC Analyst at Eye Security, you'll monitor alerts, separate real threats from noise, and make sure clients stay protected – ideally before an incident even occurs. You’ll work with clients from various industries, follow a structured onboarding, and learn directly from seasoned experts with backgrounds in intelligence and the military.
This role supports the identification and mitigation of threats and vulnerabilities using Microsoft Defender Vulnerability Management and Nexpose Rapid7. You’ll work closely with senior engineers and SOC analysts to help protect our environment and grow your expertise in threat analysis and risk reduction.
$150,000–$180,380
USD/year
ExtraHop is seeking a Sr. Product Security Engineer, experienced with modern cloud system development and infrastructure-as-code practices to build and operate product security program capabilities, tools, and processes that allow us to keep pace with a rapidly changing security landscape, reduce security risk and enable organizational success. You must have experience securing cloud environments and modern computing infrastructure.
$102,000–$139,500
USD/year
This role is client-facing and requires the Consultant to produce deliverables based on reactive services client engagements. The Consultant will work directly with multiple customers and key stakeholders (Admins, C-Suite, etc) to lead incident response incidents and guide clients through the engagement from start to finish. Perform reactive incident response functions including but not limited to host-based analysis and investigate data breaches.
$130,000–$142,000
USD/year
The Data Loss Prevention (DLP) Security Engineer is responsible for designing, implementing, and managing enterprise data protection solutions across our enterprise operating environment. This role ensures that sensitive and regulated information is discovered, classified, and protected throughout its lifecycle across Microsoft 365 and endpoint environments. The DLP Security Engineer will serve as the subject matter expert (SME) for data protection and Microsoft Purview Information Protection (MIP/DLP), leading policy configuration, tuning, and enforcement across the organization.
Maintain and execute the Cybersecurity, risk and compliance program while being responsible for development, establishment, and communication of security policies, standards, and guidelines as well as the education and awareness of these requirements; ongoing enhancement of the security risk assessment processes and procedures ensuring alignment with establishing industry standard security metrics.
Lead and manage a multi-disciplinary software engineering team or teams, ensuring high performance, accountability, and team spirit. Drive the strategic direction of our software engineering efforts, aligning with company goals and market trends. Foster a culture of innovation, encouraging the team to explore new technologies and methodologies that can enhance our product offerings and operational efficiency.
Lead the strategy, governance, and security operation of the CI&T Flow platform, ensuring compliance with international standards (ISO 27001, NIST, LGPD, SOX) and strengthening the trust of CI&T's corporate clients. Act strategically with Product, Engineering, and Business areas to make security a competitive differentiator and innovation accelerator.