Cybersecurity Engineer

Conio S.r.l.

NY

JOB DETAILS
SKILLS
Analysis Skills, Android, Application Programming Interface (API), Applications Security, Architectural Services, Automation, Blockchain, Cloud Applications, Cloud Computing, Communication Skills, Computer Security, Continuous Deployment/Delivery, Continuous Integration, Database Administration, Docker, Document Management, Dynamic Analysis, Endpoint Security, English Language, Event Management, ISO (International Organization for Standardization), Incident Management, Incident Response, Internet Application, Internet Security, Inversion of Control (IoC), Italian Language, Linux Operating System, Machine Tool, Mobile Applications, NIS (Network Information Service), PCI-DSS, Penetration Testing, Python Programming/Scripting Language, Scientific Publications, Security Analysis, Security Design, Security Information and Event Management (SIEM), Security Monitoring, Software Engineering, Static Analysis, System Integration (SI), Technical Leadership, Technical Writing, Test Tools, Testing, U.S. National Institute of Standards and Technology (NIST), Vulnerability Scanners, Web Analytics, Writing Skills, iOS
LOCATION
NY
POSTED
30+ days ago

[

As a Cybersecurity Engineer, you will serve as the CISO's technical right-hand person and will be responsible for managing and improving the design of Conio's "digital shield," automating and managing threat response, and ensuring that every software release is secure from the very first line of code. Specifically, you will be responsible for:

  • Security Operations & Response: You will manage event monitoring using advanced SIEM/HIDS systems and enterprise-class EDR platforms, handling incidents, cases, and indicators of compromise (IoC);

  • SOAR & Automation: You will develop and manage integration tools to orchestrate responses across identity protection systems, endpoints, and incident response platforms;

  • Threat Intelligence: You will maintain Threat Intelligence databases, integrating external feeds and automating analysis through response and analysis modules (Responder/Analyzer);

  • DevSecOps Pipeline: You will implement and monitor code security using SAST, DAST, and SCA tools for static/dynamic analysis, vulnerability scanning, and container security within our CI/CD pipelines;

  • App, Cloud, and Smart Contract Security: You will perform manual penetration tests and conduct security analyses on web and mobile applications (iOS/Android), while overseeing the security posture of our cloud infrastructure and smart contracts;

  • Document Management: You will manage technical documentation related to the company's security policies and procedures in accordance with standards (NIST, ISO 27001, DORA, SOC 2);

Security Design: You will validate project architectural specifications with a security-oriented mindset.

  • We have the perfect job for you, if you have these skills:

  • Experience: Over 3 years in cybersecurity, including roles in Security Engineering, DevSecOps, SOC, Blue Team, Red Team, Purple Team, or Team ;)

  • Engineering Mindset: Proficiency in Python for automation and system integration via APIs;

  • Systems, Cloud & Containers: Excellent knowledge of Linux, the native security mechanisms of major cloud providers, and containerized environments;

  • Security Tooling: Hands-on experience with log monitoring platforms, SIEM, EDR/XDR, and incident management systems (SOAR/Threat Intelligence);

  • AppSec: proficiency in using tools for penetration testing and (web) application security analysis (e.g. BurpSuite);

  • Posture & Hygiene: management of vulnerabilities and the security posture of corporate assets;

  • Languages: excellent written and spoken Italian and English communication skills.

  • Furthermore, you are the ideal candidate if:

  • Knowledge of security considerations related to blockchain and the custody of digital assets;

  • Experience with orchestration tools (Docker Swarm, Kubernetes) from a security perspective;

  • Familiarity with compliance frameworks (PCI-DSS) and international security standards such as ISO 27001, SOC 2, DORA, NIS 2, and NIST;

  • Curiosity: technologies are constantly changing, but mindsets are not. If you are curious, eager to learn new technologies, and think outside the box, you're in the right place;

  • Ability to write technical and scientific documentation.

  • In working at Conio, you will benefit from:

  • Strategic visibility: reporting directly to the CISO and immediate impact on technology decisions;

  • A highly competitive compensation package, including an individual welfare plan.

  • Flexible work policies embracing hybrid or full-remote work options.

  • Over 60 days per year of "Work From Anywhere" to fully enjoy your Summer and Winter holidays without restrictions.

  • Continuous learning opportunities through tailored training programs, professional courses, and industry events.

  • Periodic in-office and off-site meetings, and team-building activities to celebrate our successes together.

Being part of Conio means being a leader of change and innovation. Join us for an exciting challenge!

]

About the Company

C

Conio S.r.l.