Job description

TA NotesPosition Description Required Education: • Bachelor's degree in Computer Science, Cybersecurity, or related field + 8+ years of experience • OR 12+ years of relevant experience (if no degree) Preferred Education/Certification: • Certifications in Cybersecurity (CISSP, CEH, OSCP, AWS/Azure Security) • Advanced degrees (Master's in Cybersecurity, Cloud Security, etc.) Preferred Skills: • Penetration testing & bug bounty triage • Security automation in CI/CD pipelines • Kubernetes/Docker security • Scripting (Python, Bash, PowerShell) for security automation • Experience in Agile/DevOps environments Required Skills: o ISO, SOC, OWASP Top 10, MITRE Telecommunication&CK, Microsoft Security o Experience assessing solutions against GRC (Governance, Risk, Compliance) standards o Knowledge of AWS/Azure security best practices o Familiarity with SAST/DAST tools (CodeQL, Rapid7) o Understanding of Infrastructure as Code (IaC) security Required Soft Skills: • Collaborative mindset – must work closely with developers, architects, and DevOps teams • Strong communication – ability to explain security risks to non-security teams • Problem-solving attitude – comfortable in an R&D-like environment Job Responsibilities: • Analyze vulnerabilities from CodeQL, Rapid7, pentests, bug bounty programs • Guide developers on remediation strategies • Advise software teams on secure design decisions • Assist in security reviews for new features • Configure and manage SAST/DAST tools (CodeQL, Rapid7) • Ensure automated security scanning coverage • Coordinate penetration tests and manage findings • Validate security controls in cloud (AWS/Azure) environments • Help teams improve using security scorecards & maturity models • Document security lessons learned to prevent recurring issues Disqualifiers (Red Flags): • Unstable job history / frequent job-hopping • Unwilling to relocate to Chicago (Day 1 onsite mandatory) • Passive attitude – must be proactive in collaboration

Requirements