CyberSecurity Engineer, Identity Protection – Tier 3

This is a fully remote position, open to applicants in United States.

📋 Description

• Deploy and set up Endpoint Detection and Response (EDR) agents in client environments. Tailor detection policies to reduce false positives and ensure uninterrupted client business operations.

• Examine EDR telemetry to identify "living off the land" attacks and anomalies that conventional antivirus solutions might overlook.

• Proactively monitor client endpoints for signs of malicious activity. Upon detecting threats, promptly isolate affected devices and inform the customer and relevant cross-functional teams about the incident's scope.

• Create monthly executive summaries for clients that outline blocked attacks, health status, and return on investment for their security measures.

• Organize and execute next-gen vulnerability scans on client networks and conduct penetration tests as needed against client assets. Discuss the results with the client or their IT contact, prioritize essential patches, and confirm their remediation.

• Monitor threats and vulnerabilities related to “Smart Home” and Internet of Things (IoT) devices, alert clients who are affected, and assist them in securing their home networks and IoT devices.

• Actively monitor the Dark Web and criminal forums for compromised client credentials, leaked intellectual property, or domain spoofing incidents.

• Collaborate with cross-functional teams to inform clients immediately upon discovering leaked data, providing specific guidance on changing passwords or securing accounts.

• Oversee the credit monitoring platform, notifying clients of changes in credit scores, new credit inquiries/accounts, and other identity alerts that may suggest fraudulent activity.

• In partnership with Client Success Managers, act as the dedicated case manager for confirmed identity theft cases. Manage the entire resolution process to ensure the client navigates the bureaucracy smoothly.

• Aid in restoring compromised accounts, including those affected by synthetic identity fraud, medical identity theft, and tax refund fraud.

• Actively search for client Personally Identifiable Information (PII) on people-search websites and data broker databases. Manage the "opt-out" and removal process to reduce their public attack surface.

• Identify repetitive manual tasks (e.g., alert triage, monthly reporting, initial containment) and develop SOAR playbooks or scripts (Python/PowerShell) to automate them.

• Assess and implement AI-driven tools to enhance the accuracy of threat detection. Leverage Machine Learning features within our stack to alleviate "alert fatigue" and minimize false positives.

• Continuously evaluate the architecture of our toolset, optimizing API integrations among our Identity platforms, EDR, and ticketing systems to ensure handling of increased client volume without a proportional increase in headcount.

• Conduct "Post-Mortem" reviews following incidents or complex identity cases to pinpoint process gaps, updating standard operating procedures (SOPs) to improve efficiency for future situations.

• Identify and document attacker tools, tactics, and procedures in indicators of compromise (IOCs) applicable to ongoing and future investigations.

• Create custom scripts, tools, or methodologies to enhance our Incident Response processes.

• Compile comprehensive and precise reports regarding forensic findings and Incident Response activities for both technical and executive stakeholders.

• Participate in an on-call rotation and escalation team.

• Engage in knowledge transfer sessions, product training, and other strategic initiatives as necessary.

• Maintain an up-to-date understanding of BlackCloak’s solutions, platform features, and best practices.

• Mentor and support Client Success and Security Team Members.

• Collaborate closely with the engineering and product teams to continually enhance BlackCloak products.

• Conduct research and development on the latest trends in cyber security attacks and defenses.

• Assist the sales team with technical demonstrations and provide subject matter expertise.

• This role may require occasional work during evenings and weekends to address client incidents, emergency onboardings, and other urgent issues.

⛳️ Requirements

• 3-5+ years of experience in Cybersecurity, Fraud Analysis, or Security Engineering.

• A college degree in an Information Technology (IT/CS/CE) related field is advantageous, although equivalent experience will also be considered.

• Industry-recognized information security certifications are a plus:

• CISSP

• CCSP

• CFCE

• GIAC

• OSCP

• OSCE

• Security+

• CEH

• Experience in penetration and vulnerability testing.

• Proficiency in Windows and macOS forensic investigations and vulnerability management.

• Experience in deploying, managing, and optimizing EDR tools to effectively detect, respond to, and mitigate threats.

• Ability to correlate assets across multiple systems for operational clarity and coverage is essential.

• Experience in developing detection alerts using automation, orchestrating detection logic to trigger responses, and creating efficient security workflows.

• Strong client service experience, with the ability to communicate complex technical concepts and a robust analytical mindset required.

• Technical knowledge of operating systems such as Windows, macOS, iOS, Android, and Linux.

• Solid understanding of the US Credit System (Bureaus, FICO, FCRA rights).

• Experience managing identity monitoring platforms, including alerts related to Credit, SSN, and PII.

• Ability to work independently and efficiently manage multiple tasks and priorities simultaneously.

• High level of interpersonal communication skills and discretion regarding client privacy.

🏝️ Benefits

• 100% Remote Company, within the USA.

• Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.

• Health Savings Account with company contribution for eligible medical plans.

• Flexible Vacation Plan.

• 10 Paid Company Holidays.

• 100% employer-paid Life, AD&D, and Short- and Long-Term Disability Insurance.

• 401k with Traditional and Roth options, including employer match.

• Company Equity.

• Paid Parental and Pregnancy Recovery Leave.

• Company and team off-sites and virtual events throughout the year.

• Home office stipend.