Cybersecurity Engineer

We are seeking a highly skilled Cybersecurity Engineer to join our dynamic cybersecurity team. This is a hands-on role focused on building, automating, and securing our cloud-based SaaS infrastructure and products. The ideal candidate will have a strong background in both application and cloud security, with a passion for designing and implementing robust security solutions to protect our systems, data, and services from evolving threats.

Responsibilities

• Secure Software Development: Champion security throughout the entire software development lifecycle (SDLC). Conduct threat modeling, perform code analysis (SAST), and integrate security tools into CI/CD pipelines to identify and remediate vulnerabilities early.
• Cloud Security Architecture: Collaborate with DevOps to enhance and maintain the security of our existing cloud environment (AWS, Azure, GCP). Continuously identify opportunities to strengthen security controls across infrastructure, platforms, and services—covering network, container, and serverless technologies. Provide input and guidance to shape future cloud security designs and best practices.
• Security Automation & Orchestration: Develop and deploy automation scripts, tools, and workflows to streamline security operations. Automate incident response, threat hunting, compliance checks, and remediation processes.
• Vulnerability Management & Penetration Testing: Proactively identify and mitigate security weaknesses by conducting dynamic application security testing (DAST), infrastructure vulnerability scanning, and coordinating penetration tests.
• Security Monitoring & Incident Response Engineering: Implement and fine-tune security monitoring tools (SIEM, CSPM) to detect and alert on security incidents. Develop and maintain automated incident response playbooks to enable rapid mitigation of threats.

Requirements

• Education: Bachelor's or Master's degree in Information Security, Computer Science, or a related field, or equivalent professional experience.
• Experience: 2+ years of hands-on experience in cybersecurity, with a deep focus on application security, cloud security, and secure software development.
• Technical Skills:
• Knowledge of web application vulnerabilities (OWASP Top 10) and secure coding practices.
• Hands-on experience with security tools such as SAST, DAST, IAST, and CSPM.
• Proven experience securing cloud platforms (AWS, Azure, or GCP) and their native security services.
• Proficiency in one or more programming/scripting languages (e.g., Python, Go, Java, JavaScript).
• Frameworks & Compliance: Experience implementing and auditing technical controls for security frameworks such as SOC 2, NIST, and ISO 27001.
• Certifications (Preferred): Relevant security certifications are a strong plus (e.g., CCSK, CCSP, CSSLP, GWAPT, or cloud-specific security certs).
• Soft Skills: Strong analytical and problem-solving skills, with the ability to communicate complex technical concepts to a variety of audiences.

At Octus, we consider a range of factors in connection with compensation decisions, including experience, skills, location, and our business needs and limitations. As a result, compensation may vary within and across similar roles and positions. Please note that the salary range information below is a good faith estimate for this position and actual compensation for any individual may fall outside this range if warranted by the circumstances applicable to that individual. If we identify a role that would be suitable for a broader range of skills and experience such that we would consider hiring at multiple levels then the range listed below may reflect that breadth.

The salary range estimate (in total compensation, which includes a base salary plus an annual discretionary bonus) for this position is $100,000 - $150,000.

The actual compensation will be at Octus' sole discretion and will be determined by the aforementioned and other relevant factors.