Gravity IT Resources
Position:
Senior Cyber Security Engineer Location:
Miami, FL Type:
Direct Hire Employment Eligibility:
Due to the travel requirements to Latin America and the Caribbean, Gravity can only consider U.S. Citizens at this time. Job Description Gravity IT Resources is seeking a highly skilled and motivated
Senior Cyber Security Engineer
to join our growing security team. This individual will be responsible for driving cybersecurity initiatives across infrastructure, applications, cloud environments, identity, and governance domains. The ideal candidate is a hands-on technical expert and a proactive self-starter who takes full ownership of their work, identifies gaps, and implements effective solutions without needing direction. This role blends
technical security engineering
responsibilities with
governance, risk, and compliance (GRC)
oversight, ensuring security practices align with frameworks such as
PCI DSS 4.0 ,
NIST CSF ,
GDPR , and internal data protection standards. Key Responsibilities
Security Engineering & Operations
Design, implement, and manage security controls across networks, endpoints, cloud platforms, and applications. Lead the deployment, tuning, and optimization of security tools (e.g., SIEM, EDR, WAF, IAM, CNAPP). Investigate, triage, and remediate complex security incidents in coordination with the SOC team. Architecture & Design
Integrate security into system and application design reviews; perform threat modeling and provide architectural guidance. Define technical standards and create reference architectures for secure cloud and on-prem deployments. Champion Zero Trust architecture and least-privilege access principles across the enterprise. Governance, Risk & Compliance (GRC)
Support compliance with
PCI DSS 4.0
through scope reduction, segmentation validation, vulnerability management, and scanning. Align security controls to the
NIST CSF
framework; track maturity levels and drive control improvements. Ensure
GDPR
and privacy-related practices (e.g., DSARs, opt-out handling, privacy-by-design) are embedded in operations. Implement and monitor
data security controls , including encryption, access controls, and data retention strategies. Conduct risk assessments, gap analyses, and security reviews to validate compliance and enhance security maturity. Collaborate with auditors, regulators, and internal teams during security audits and assessments. Maintain documentation for security policies, control standards, procedures, and evidence repositories. DevSecOps & Automation
Integrate security into CI/CD pipelines, containerized environments, and Kubernetes orchestration. Automate security tasks such as vulnerability scanning, patch management, and compliance reporting. Partner with development teams to promote secure coding practices and address vulnerabilities early in the SDLC. Leadership & Influence
Act as a trusted advisor to IT and business stakeholders; clearly communicate security risks and technical concepts. Proactively identify areas for improvement, lead initiatives, and influence positive change across the organization. Competency Requirements
The successful candidate must demonstrate proficiency in the following areas: Initiative : Strong self-starter who drives outcomes and leads improvements. Technical Expertise : Broad and deep knowledge across security domains. Risk-Based Thinking : Balances technical implementation with regulatory compliance needs. Collaboration : Works effectively with cross-functional teams (IT, DevOps, Business). Communication : Articulates complex security issues to technical and non-technical audiences. Adaptability : Thrives in dynamic, fast-paced environments. Ownership : Takes accountability, drives solutions, and challenges the status quo when needed. Qualifications & Experience
Education
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field preferred. Experience
5–7 years of progressive experience in cybersecurity engineering. Core Technical Expertise
Network Security : Firewalls, IDS/IPS, segmentation. Endpoint Security : EDR tools, patch management, system hardening. Cloud Security : Security architecture for AWS, Azure, or GCP; container/Kubernetes security; CNAPP. Identity & Access Management : MFA, SSO, RBAC, PAM, Entra ID/Okta. Application Security : Secure coding practices, SAST/DAST, API security, SDLC integration. Data Security : Encryption, DLP, retention, DSAR handling. Frameworks & Compliance
Deep knowledge of:
PCI DSS 4.0 ,
NIST CSF ,
GDPR , and related privacy/security standards. Automation & Scripting
Proficiency with scripting and automation tools (e.g.,
Python, PowerShell, Bash, Terraform ). Certifications (1 or more preferred)
OSWE ,
GWAPT ,
GWEB ,
GPEN CSSLP
– Certified Secure Software Lifecycle Professional CISSP ,
CISM , or
CEH Equal Employment Opportunity Statement Gravity IT Resources is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other legally protected characteristic. All employment decisions are based on qualifications, merit, and business needs.
#J-18808-Ljbffr
Senior Cyber Security Engineer Location:
Miami, FL Type:
Direct Hire Employment Eligibility:
Due to the travel requirements to Latin America and the Caribbean, Gravity can only consider U.S. Citizens at this time. Job Description Gravity IT Resources is seeking a highly skilled and motivated
Senior Cyber Security Engineer
to join our growing security team. This individual will be responsible for driving cybersecurity initiatives across infrastructure, applications, cloud environments, identity, and governance domains. The ideal candidate is a hands-on technical expert and a proactive self-starter who takes full ownership of their work, identifies gaps, and implements effective solutions without needing direction. This role blends
technical security engineering
responsibilities with
governance, risk, and compliance (GRC)
oversight, ensuring security practices align with frameworks such as
PCI DSS 4.0 ,
NIST CSF ,
GDPR , and internal data protection standards. Key Responsibilities
Security Engineering & Operations
Design, implement, and manage security controls across networks, endpoints, cloud platforms, and applications. Lead the deployment, tuning, and optimization of security tools (e.g., SIEM, EDR, WAF, IAM, CNAPP). Investigate, triage, and remediate complex security incidents in coordination with the SOC team. Architecture & Design
Integrate security into system and application design reviews; perform threat modeling and provide architectural guidance. Define technical standards and create reference architectures for secure cloud and on-prem deployments. Champion Zero Trust architecture and least-privilege access principles across the enterprise. Governance, Risk & Compliance (GRC)
Support compliance with
PCI DSS 4.0
through scope reduction, segmentation validation, vulnerability management, and scanning. Align security controls to the
NIST CSF
framework; track maturity levels and drive control improvements. Ensure
GDPR
and privacy-related practices (e.g., DSARs, opt-out handling, privacy-by-design) are embedded in operations. Implement and monitor
data security controls , including encryption, access controls, and data retention strategies. Conduct risk assessments, gap analyses, and security reviews to validate compliance and enhance security maturity. Collaborate with auditors, regulators, and internal teams during security audits and assessments. Maintain documentation for security policies, control standards, procedures, and evidence repositories. DevSecOps & Automation
Integrate security into CI/CD pipelines, containerized environments, and Kubernetes orchestration. Automate security tasks such as vulnerability scanning, patch management, and compliance reporting. Partner with development teams to promote secure coding practices and address vulnerabilities early in the SDLC. Leadership & Influence
Act as a trusted advisor to IT and business stakeholders; clearly communicate security risks and technical concepts. Proactively identify areas for improvement, lead initiatives, and influence positive change across the organization. Competency Requirements
The successful candidate must demonstrate proficiency in the following areas: Initiative : Strong self-starter who drives outcomes and leads improvements. Technical Expertise : Broad and deep knowledge across security domains. Risk-Based Thinking : Balances technical implementation with regulatory compliance needs. Collaboration : Works effectively with cross-functional teams (IT, DevOps, Business). Communication : Articulates complex security issues to technical and non-technical audiences. Adaptability : Thrives in dynamic, fast-paced environments. Ownership : Takes accountability, drives solutions, and challenges the status quo when needed. Qualifications & Experience
Education
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field preferred. Experience
5–7 years of progressive experience in cybersecurity engineering. Core Technical Expertise
Network Security : Firewalls, IDS/IPS, segmentation. Endpoint Security : EDR tools, patch management, system hardening. Cloud Security : Security architecture for AWS, Azure, or GCP; container/Kubernetes security; CNAPP. Identity & Access Management : MFA, SSO, RBAC, PAM, Entra ID/Okta. Application Security : Secure coding practices, SAST/DAST, API security, SDLC integration. Data Security : Encryption, DLP, retention, DSAR handling. Frameworks & Compliance
Deep knowledge of:
PCI DSS 4.0 ,
NIST CSF ,
GDPR , and related privacy/security standards. Automation & Scripting
Proficiency with scripting and automation tools (e.g.,
Python, PowerShell, Bash, Terraform ). Certifications (1 or more preferred)
OSWE ,
GWAPT ,
GWEB ,
GPEN CSSLP
– Certified Secure Software Lifecycle Professional CISSP ,
CISM , or
CEH Equal Employment Opportunity Statement Gravity IT Resources is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other legally protected characteristic. All employment decisions are based on qualifications, merit, and business needs.
#J-18808-Ljbffr