Easy Apply
Easy Apply
As a Security Engineer, you will support security operations, enhance Zero Trust and network security, and assist with application and cloud security, including incident response and application security strategies.
BlackCloak’s mission is to protect corporate executives and high-profile individuals in their personal lives, mitigating risks to their families, companies, reputation, and finances. We defend our clients’ digital lives from hackers, privacy leaks, and identity theft. If you are passionate about helping to protect others, then keep reading - this may be your next great opportunity.
As a Security Engineer, you will be part of BlackCloak’s internal technology team supporting corporate security, information technology operations, and compliance. This is a critical role that is both hands-on and strategic, influencing and driving success for BlackCloak and its clients by designing, deploying, and supporting technology solutions for all areas of the business.
What you will do
- Review, design, and implementation of new Security Tools - support administration across tools such as SIEM, EDR, CNAAP, Email Security, and others.
- Support security and risk assessments for new tools, vendors, and relationships with broader Security and IT team.
- Assist in development of new threat detections, playbooks, and automated response/remediation
- Support triage and response of security alerts, as an escalation point from the broader team.
- Participate in supporting security on-call rotation
- Strengthen Zero Trust posture by expanding usage of Cloudflare WARP, WAF, other Zero Trust tooling and principles
- Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne, Crowdstrike, as well as secure hardening standards into MDM
- Support design and implementation of IAM best practices/principles for workforce and client identity, leveraging tools such as; Google IDP, Okta, Auth0, Zitadel
- Mature Zero Trust alerts and controls across risk-based alerting, posture checks
- Incorporation of Zero Trust principles into new programs and architecture designs
- Support application security program strategy and implementation, including but not limited to various controls towards a “shift-left” security model, Security Champions program, adoption and implementation of SAST, DAST, other application security tools.
- Assist in maturation of the Secure SDLC, including threat modeling, security architecture and requirements guidance, as well as secure code development training.
- Work directly with developers to triage findings, provide remediation guidance, and foster a security-first culture.
- Manual testing support for light red teaming such as POC’ing vulnerabilities, leading penetration tests via vendor engagements and/or internally led testing, and validating security findings.
- Partner with Engineering, DevOps, to secure GCP, AWS environments
- Leverage Cloud Security tools such as CNAAP, to remediate discovered misconfigurations, vulnerabilities, and triage of Cloud Security alerts.
- Support development and implement secure infrastructure baselines, vulnerability management processes, secrets managements, IAM, and hardening standards within the cloud environment.
- Incorporation of shift-left security tests and controls, into CI/CD pipelines
- Help expand monitoring capabilities within tools such as SIEM, CNAAP, including implementation of required cloud architecture/logging, onboarding of log sources to security tools, and detection rules for cloud-based threats.
Security Operations & Incident Response (Primary)
Zero Trust & Network Security (Secondary)
Application Security (Support)
Cloud & Infrastructure Security (Support)
What You Need to be Successful
- 3-5 years of hands-on experience in a security engineering role, preferably within a cloud-native, startup environment
- Deep experience building or contributing to a Security Operations program, leveraging/administering SIEM, EDR, CNAAP, Email Security, and SOAR tools.
- Hands-on experience building and tuning threat detections, partnering with Security Analysts to improve/automate runbooks and response actions.
- Demonstrated experience implementing tools and controls to support Zero Trust, with tools such as Cloudflare, IAM architecture and protocols, risk and posture based alerting, and workforce/customer identity solutions.
- Proficiency in at least one scripting language (e.g., Python, Bash) to automate security tasks and processes, ability to implement and support detection-as-code and infrastructure-as-code where applicable.
- Excellent problem-solving skills and the ability to work collaboratively with both technical (Engineering) and non-technical (GTM) teams.
- Ability to drive new projects, self-starter, with minimal supervision
- A proactive, "builder" mindset with a passion for improving processes, reducing risk.
- Familiarity with Infrastructure as Code (IaC) and its security implications (e.g., Terraform).
- Knowledge of compliance frameworks such as SOC 2, GDPR, NIST CSF
- Familiarity with common application development languages such as Java or JavaScript
- Understanding of system and architecture design principles, from code to cloud
- Relevant industry certifications (e.g., GCLD, GCP Cloud Security Engineer, GCSA).
Nice to have
About BlackCloak
BlackCloak is an extremely fast-growing company in an entirely new product category. We have amazing product fit validated by industry awards and an impressive client base of Fortune 500 companies across all industries.
BlackCloak offers a competitive salary, exceptional benefits, and a dynamic work environment. Below is a quick summary of BlackCloak’s generous benefits package for full-time employees includes:
- 100% Remote Company, within the USA
- Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.
- Health Savings Account with company contribution for eligible medical plans.
- Flexible Vacation Plan
- 10 Paid Company Holidays
- 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance
- 401k with Traditional and Roth options, including employer match.
- Company Equity
- Paid Parental and Pregnancy Recovery Leave
- Company and team off-sites and virtual events throughout the year
- Home office stipend
We are an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristic.
Learn More about Us
Website: https://blackcloak.io
LinkedIn: /blackcloak
Twitter: @BlackCloakCyber
White Paper: https://bc.blackcloak.io/quantifying-the-business-need-for-digital-executive-protection-report-download
#liremote
Top Skills
Auth0
AWS
Bash
Cloudflare
Cnaap
Edr
Email Security
GCP
Google Idp
Iam
Okta
Python
Security Tools
SIEM
Terraform
Zitadel
Similar Jobs
Big Data • Information Technology • Productivity • Software • Analytics • Business Intelligence • Consulting
The Account Executive oversees client acquisition in the U.S. Public Sector, utilizing sales strategies, managing complex sales cycles, and collaborating with cross-functional teams to expand market share.
Top Skills:
SaaS
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
The role involves developing the BLE implementation on mobile products, collaborating with cross-functional teams, mentoring junior developers, and ensuring high-quality code delivery in a fast-paced environment.
Top Skills:
CGoGraphQLReact NativeReduxTypescript
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Manage a team of engineers overseeing source code security services, integrate security solutions, and ensure a positive developer experience while coordinating with other teams.
Top Skills:
GroovyPythonShell
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
