TEKsystems
Lead Cybersecurity Engineer
Must be able to go onsite in Dallas, TX or Chicago, IL. This is a contract position based out of Chicago, IL.
Job Overview As a Lead Cybersecurity Engineer, you will be responsible for understanding and contributing to Security by Design practices, secure application software development lifecycle practices, security testing and assessment, and the integration of Security with DevOps. Your role includes security engineering of cloud (AWS, Azure) environments and vulnerability management of Infrastructure as Code (IaC) and application development (SAST/DAST). Engineers help development teams identify and track security risks to remediation while embracing concepts of agile delivery and DevOps.
Key Responsibilities
Security Defect Management – analyze, validate, communicate, and consult on security defects identified by automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, and bug bounty.
Engineering Consulting – serve as a trusted advisor to software engineers, architects, product owners, and leaders, providing contextual guidance to help make good security decisions and navigate review & approval processes.
Tool Enablement – enable and monitor automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established processes.
Security Test Onboarding & Management – collect and communicate required scope and access information for penetration testing and security assurance assessments, and handle assessment outputs via our defect management process.
Accountability for a dedicated set of applications, working directly with development teams and helping them identify security gaps and devise solutions to meet enterprise security requirements.
Candidate Requirements
Education & Experience:
Bachelor’s degree in computer science or related field with 8+ years in information security.
Master’s degree with 6+ years of experience.
Technical Skills (Required):
Application security expertise – understanding vulnerabilities and remediation solutions (OWASP, CWE/CVE, SANS 25).
Information security processes – enterprise security architecture, threat modeling, vulnerability assessment, risk analysis, defense in depth, SDLC, identity & access management, API security, SCA/SAST/DAST.
Cloud security experience – Microsoft Azure and/or AWS.
Professional certifications – CISSP, CCSP, GWAPT, GWEB, AWS SA / Certified Security, etc.
Development experience – Java, Python, .Net, JS, or equivalent.
Automation and scripting implementation.
Desired Skills:
Web services security, strong understanding of information security technologies.
Cloud, Terraform, DevOps, Linux, Kubernetes, AWS, Bash scripting, Jenkins, CI/CD, Git.
Soft Skills:
Excellent written and verbal communication skills, ability to convey highly technical security concepts to non-security audiences.
Ability to coordinate multiple teams in achieving process review and improvement.
Benefits
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan – pre‑tax and Roth post‑tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long‑term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave – PTO, vacation or sick leave
Equal Opportunity Employer The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr
Job Overview As a Lead Cybersecurity Engineer, you will be responsible for understanding and contributing to Security by Design practices, secure application software development lifecycle practices, security testing and assessment, and the integration of Security with DevOps. Your role includes security engineering of cloud (AWS, Azure) environments and vulnerability management of Infrastructure as Code (IaC) and application development (SAST/DAST). Engineers help development teams identify and track security risks to remediation while embracing concepts of agile delivery and DevOps.
Key Responsibilities
Security Defect Management – analyze, validate, communicate, and consult on security defects identified by automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, and bug bounty.
Engineering Consulting – serve as a trusted advisor to software engineers, architects, product owners, and leaders, providing contextual guidance to help make good security decisions and navigate review & approval processes.
Tool Enablement – enable and monitor automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established processes.
Security Test Onboarding & Management – collect and communicate required scope and access information for penetration testing and security assurance assessments, and handle assessment outputs via our defect management process.
Accountability for a dedicated set of applications, working directly with development teams and helping them identify security gaps and devise solutions to meet enterprise security requirements.
Candidate Requirements
Education & Experience:
Bachelor’s degree in computer science or related field with 8+ years in information security.
Master’s degree with 6+ years of experience.
Technical Skills (Required):
Application security expertise – understanding vulnerabilities and remediation solutions (OWASP, CWE/CVE, SANS 25).
Information security processes – enterprise security architecture, threat modeling, vulnerability assessment, risk analysis, defense in depth, SDLC, identity & access management, API security, SCA/SAST/DAST.
Cloud security experience – Microsoft Azure and/or AWS.
Professional certifications – CISSP, CCSP, GWAPT, GWEB, AWS SA / Certified Security, etc.
Development experience – Java, Python, .Net, JS, or equivalent.
Automation and scripting implementation.
Desired Skills:
Web services security, strong understanding of information security technologies.
Cloud, Terraform, DevOps, Linux, Kubernetes, AWS, Bash scripting, Jenkins, CI/CD, Git.
Soft Skills:
Excellent written and verbal communication skills, ability to convey highly technical security concepts to non-security audiences.
Ability to coordinate multiple teams in achieving process review and improvement.
Benefits
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan – pre‑tax and Roth post‑tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long‑term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave – PTO, vacation or sick leave
Equal Opportunity Employer The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr