Security Engineer

Position: Security Engineer I
** Akumin is*
* ** unable to provide sponsorship now or in the future.
** Candidates requiring sponsorship, including those currently on CPT/OPT or any other visa requiring sponsorship, will not be considered.
** The compensation range is $110,000–$125,000 annually,
** with no room for negotiation above the top of the range.

The
** Security Engineer I
** plays a vital role in securing Akumin’s IT infrastructure, networks, and systems. This role focuses on designing, implementing, and managing advanced security solutions, as well as ensuring that the organization’s security posture aligns with best practices and regulatory requirements. This position leads security operations including incident response and vulnerability management to prioritize and minimize cyber risk across the organization.
** Specific duties include, but are not limited to:**
* ** Monitoring and Incident Response:
** Establish monitoring and detection mechanisms to identify potential threats, and lead or assist in responding to incidents.
* ** Vulnerability Management:
** Conduct vulnerability assessments, penetration testing, and remediation of security weaknesses.
* ** Security Orchestration and Automation:
** Automate tasks where possible, using scripting and configuration management tools.
* ** Design and Implementation of Security Systems:
** Architect and implement security controls, including firewalls, intrusion detection systems, and encryption technologies.
* ** Security Control Improvements:
** Review of applications and systems to ensure industry best practices and security hardening.
** Position Requirements:
*** Bachelor's Degree or equivalent experience in IT Security, Computer Science.
* A valid and active certification in Information Security or Cybersecurity.
* 5+ years of hands-on experience in cybersecurity or a related field, including areas like network security, cloud security, and threat intelligence.
* ** Innovative Mindset:
** Always looking for new tools, techniques, and strategies to improve the organization’s security posture.
* ** Communication:
** Strong ability to convey technical security issues to non-technical audiences, including management and other stakeholders.
* ** Problem-Solving:
** Excellent troubleshooting skills with a proactive approach to solving complex security challenges.
* *
* Collaboration:

** Ability to work well with cross-functional teams, including Dev Ops, IT, and development teams, to integrate security into all layers of the organization’s infrastructure.
* ** Security Tools and Technologies:
** Proficiency with firewalls, IDS/IPS, endpoint protection, SIEM, encryption, VPNs, and multi-factor authentication (MFA).
* ** Penetration Testing and Vulnerability Management:
** Strong knowledge of vulnerability scanning tools and penetration testing techniques, with the ability to find and exploit weaknesses in an organization’s security infrastructure.
* ** Network Security:
** In-depth understanding of networking protocols (TCP/IP, DNS, HTTP, SSL/TLS) and how to secure them.
* ** Cloud Security:
** Expertise in securing cloud infrastructures, particularly AWS, Azure, or Google Cloud, including IAM, encryption, and security monitoring tools.
* ** SIEM and Logging:
** Experience with configuring and maintaining SIEM platforms and analyzing logs for unusual activities.
* 20% Travel may be required.
** Preferred (one or more):
*** Certified Information Systems Security Professional (CISSP)
* Certified Ethical Hacker (CEH)
* Offensive Security Certified Professional (OSCP)
* GIAC Security Essentials (GSEC)
* Certified Cloud Security Professional (CCSP)
* AWS, GCP, or Azure Cloud Security Engineer Certification
* Or other relevant cybersecurity certifications
* ** Dev Sec Ops :
** Experience integrating security into CI/CD pipelines and automating security controls in software development.
* ** Zero Trust Architecture:
** Understanding of Zero Trust security models and their application in modern IT environments.
* ** Identity and Access Management (IAM):
** Expertise in managing user identities and permissions, especially in cloud or hybrid environments.
* ** Threat Intelligence:
** Ability to analyze and apply threat…