at Cradlepoint, Inc. in Boise, Idaho, United States
This is a Remote Opportunity in the US
Cradlepoint - a part of Ericsson - was born in Boise and built for wireless. We are a team of authentic, hard-working, and innovative people driven by a shared vision toConnect Beyond the limits of wired networks. We help customers - big and small, across industries and around the world - utilize LTE and 5G cellular technology to connect people, places, and things, anywhere.We're at the forefront of the Wireless WAN and 5G - the next big waves in networking - and we remain as hungry and humble as the day we started. If you're hungry to be part of something big, come join us.
How Will You Contribute to the Company?
Cradlepoint is currently seeking a Sr. Security Engineer to join a dynamic, multi-national Company with a key role in the Global Information Security Team.
As a Security Engineer, you will apply critical cyber security expertise to initiatives across all Cradlepoint's lines of business. As part of the Enterprise Security team, you will employ your expertise to a variety of projects and challenges. In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contributing to the defensive posture of Cradlepoint itself. This role will require a broad technical background in cyber security technology, public cloud security technologies, and a proven ability to apply that knowledge to cyber defense solutions. This position will report directly to our Manager, Security Engineering.
What Will You Do?
- Support the design and implementation of technical security controls and process that supports the organization's objectives
- Instrument security policies and capabilities. Implement and maintain security tools as directed to support organizational cybersecurity initiatives. Secure design, architecture, and implementation
- Utilize expertise in cyber security architecture, engineering, and defensive operations in support of programs, proposals, and corporate objectives
- Facilitate architecture and technology reviews of major programs and drive alignment across the various architectural domains (e.g. Business, Information, Technology, and Security)
- Understand, advocate and support the enterprise's IT security strategy along with assisting in the development and implementation/realization of the various IT security roadmaps
- Analyze the current IT security environment to detect critical deficiencies and recommend solutions for improvement through the development of cyber capability reference architectures and knowledge of current threat landscape
- Work with technology and business stakeholders to realize the implementation of key future state initiatives
- Proactively identify information security deficiencies or opportunities for improvement to better enable business security
- Participate in stakeholder engagement sessions to capture business and IT requirements in order to evaluate cyber solutions and assist with Proof of Concepts and/or deployments of technology across the enterprise
- Participate in the planning or modification of cyber defense architectures and cyber engineering plans for programs and proposals
- Participate in the recovery of programs suffering from cyber security deficiencies requiring technical, management and policy/governance expertise
- Evaluate network and security technologies, identify security gaps, evaluate and implement enhancements and provide mentorship for less experienced team members
- Provide regular, timely reporting on the information security topics as required
- Plan cyber security solutions delivery and provide mentorship for less experienced team members
- Effectively communicate using written, oral, non-verbal, and active listening skills
- Accountable to Manager, Security Engineering for the efficient and effective execution of position responsibilities
- Accountable to Manager, Security Engineering to meet all performance objectives
- Accountable to peer employees to ensure professionalism throughout all communication and timely completion of job tasks
- Bachelor's degree with six (6+) years of experience relevant to Cyber Security. Additional years of relevant experience will be considered in lieu of a bachelor's degree
- Proven experience in taking security requirements and engineering them into security solutions with a focus on minimizing user impact
- Experience with Cybersecurity Engineering and Operations, specifically security operations, incident response, forensic analysis, threat intelligence, identity and access management, data protection, network security, penetration testing, Web application security testing, vulnerability and risk management, operating systems (Linux/macOS/Windows)
- Experience with cloud security and cloud architecture to include:
- Experience securing infrastructure and services in public cloud and hybrid cloud environments
- Ability to create and document proofs of concepts which demonstrate security value, particularly within AWS
- Ability to develop reference security architecture including cloud and conduct security architecture reviews of the entire stack, including those built on cloud and emerging technologies
- Experience with DevSecOps and security tool automation across public and hybrid cloud environments
- Working knowledge of security products in both on-prem, cloud and SaaS models, including GRC platforms, SIEMs, Firewalls, Security Applications, Vulnerability Detection, Network Devices, End Point Protection, Access Control and Identity Management
- Experience with cloud security models, network security architecture development, security policy development, responding to security incidents and coordinating incident activities
- Experience performing security reviews, identifying gaps in security architecture, and developing security risk management plans
- Experience with security automation tools and/or proficiency with languages (python, golang)
- Knowledge of IT Security regulations and guidance such as the RMF, FISMA, NIST 800-53, NIST 800-53A, NIST 800-37, ISO27001, FedRAMP and FIPS 199
- Strong writing and presentation skills
- Ability to travel up to 25% of the time
- Experience with FedRAMP
- Cloud Security experience in support of AWS, GCP, and MS Azure cloud hosting environments
- Experience with the Cyber Kill Chain and enterprise solutions
- Knowledge of PCI DSS, GDPR, SOC, and FedRAMP regulations
- Experience with containerized applications, and container orchestration
- Security Certifications
Note: Did you know that women and other marginalized groups often hold back on applying to jobs if they don't meet 100% of all listed requirements? We don't want you to hold back! If you don't check every single box above but still feel like you could successfully do the work, we encourage you to apply! We'd love to connect and see how you could add to our team.
At Cradlepoint, we celebrate & support the unique contributions of our vibrant, global employee base. We know that our differences of perspective inspire creativity and drive innovation. Our culture is based on a set of shared values designed to unite and enable our community to thrive.
At Cradlepoint, we are hungry & humble. Our values drive everything we do.
- Respect: we seek to understand, value all perspectives and celebrate our differences.
- Integrity: we take ownership and accountability and do the right thing - even when it's hard.
- Perseverance: we accept and embrace change and have a passion to win.
- Professionalism: we build trust by delivering on our promises and working collaboratively to hold each other accountable.
- Cooperation & Collaboration: we are one team.
- Courageous, Fact-based Decisions: be a curious learner and ask questions.
- Execute with Speed: empower employees and guide.
- Speak-up environment: dare to disagree.
- Empathy & Humanness: care for each other and support work life balance.
Compensation and Benefits at Cradlepoint
At Cradlepoint, we know that our people are the key to our success. We offer a competitive compensation and benefits package to help with your individual needs and goals.
The salary range for this position is listed below. The actual salary offered is dependent on various factors including, but not limited to, location, the candidate's combination of job-related knowledge, qualifications, skills, education, training, and experience.
- $108,850 - $210,450
Cradlepoint offers excellent, competitive employee benefits, such as: subsidized, nationwide PPO medical benefit options including a low-deductible Point of Service Plan and a qualifying High Deductible Health Plan (HDHP), with a generous company-provided HSA contribution. For California employees, we offer a subsidized HMO option through Kaiser. Cradlepoint also offers subsidized dental and vision coverage.
Your Financial Security:
We invest in both your short and long-term financial wellbeing. Cradlepoint's 401(k) plan has a 4% company match and immediate vesting. Employees will also receive company-paid employee basic life and AD&D insurance and company-paid disability benefits.
Your work-life balance is important to us. Cradlepoint provides generous paid time off, including: 15 days of Flexible Time Off (FTO), four paid quarterly well-being days, and 11 paid annual holidays (includes nine company holidays and up to two floating holidays). Please note that an employee's FTO balance and floating holidays may be prorated in the first year, based on start date. Cradlepoint also offers paid maternity-leave benefits and six weeks 100% paid family leave for all employees.
Cradlepoint offers other company-paid benefits such as a comprehensive Employee Assistance Program, a free Headspace membership, LinkedIn Learning access, Talkspace mobile therapy, and volunteer paid time off.
Cradlepoint's Diversity, Equity, Inclusion, and Belonging mission is to create an inclusive work environment where all employees' differences are celebrated, their thoughts matter, and everyone feels safe to bring their authentic selves to work. We're proud to be an equal opportunity employer and aim to attract, develop, and engage top talent from a diverse candidate pool. It is our policy and commitment to provide equal opportunity employment for all persons and not discriminate in employment decisions by placing the most qualified person in each job, without regard to any other classification protected by federal, state, or local law.