Cybersecurity Engineer

📋 Description

• • Join Istari Digital, a pioneering digital engineering software company at the forefront of transforming the physical world into the digital realm to achieve critical mission and business objectives. We are building the world's premier engineering model-sharing platform, designed to facilitate the seamless and secure integration of models across diverse engineering disciplines, organizations, and security classifications. Our vision is to make open, scalable digital engineering ecosystems a reality, enabling the creation of new technologies and systems in a digital space, unhindered by the traditional constraints of cost and time.
• • At Istari, we are driven by a profound mission: to establish the world's first open and scalable industrial metaverse. This innovative approach empowers our customers to design prototypes, conduct virtual testing, and train AI and autonomy for complex systems, ultimately saving them significant time, resources, and reducing their environmental impact. We are a distributed team, with the majority of our members working remotely, yet we place a strong emphasis on maintaining connection and fostering collaboration. Recognizing the importance of building trust, we prioritize in-person opportunities for team cohesion and development.
• • To facilitate this, we maintain an engineering headquarters in Cambridge, MA, dedicated to focused technical development. Furthermore, we organize several off-site gatherings annually, providing invaluable opportunities for both professional skill enhancement and strengthening our team relationships. Our core values – 'Focus is rewarded. Finish is remembered.', 'Facts are friendly. Even when they are not fun.', and 'Fellowship is fundamental. Make others successful.' – guide our daily operations and interactions.
• • We are seeking a highly experienced and motivated Cybersecurity Engineer to become an integral part of the Istari team. This critical role is centered on the design, implementation, and operation of robust security architecture and controls essential for safeguarding our cutting-edge cloud-native products and platform. The ideal candidate will possess profound expertise across a spectrum of security domains, including cloud security, advanced threat detection and response methodologies, and the principles of DevSecOps.
• • Your passion for enabling secure innovation within a dynamic and fast-paced environment will be paramount. This position is specifically focused on architecting, deploying, and managing scalable infrastructure that underpins our innovative products. You will be instrumental in ensuring the integrity, confidentiality, and availability of our digital engineering ecosystem.
• • Key responsibilities will include developing and enforcing security policies, standards, and procedures across our cloud infrastructure (e.g., AWS, Azure, GCP). You will be responsible for implementing and managing security tools such as firewalls, intrusion detection/prevention systems (IDPS), Security Information and Event Management (SIEM) solutions, and endpoint detection and response (EDR) tools.
• • A significant part of your role will involve conducting regular security assessments, vulnerability scans, and penetration tests to identify and remediate potential weaknesses. You will also play a crucial role in incident response, developing playbooks, and leading the investigation and resolution of security breaches.
• • Furthermore, you will collaborate closely with development and operations teams to integrate security best practices into the software development lifecycle (SDLC), fostering a DevSecOps culture. This includes implementing automated security testing, code analysis, and secure configuration management.
• • You will stay abreast of the latest cybersecurity threats, trends, and technologies, proactively adapting our security posture to mitigate emerging risks. Educating and mentoring other team members on security best practices will also be a key aspect of this role, promoting a security-first mindset throughout the organization.
• • The ideal candidate will have a proven track record in designing and implementing secure cloud architectures, with a deep understanding of cloud security best practices and compliance frameworks (e.g., SOC 2, ISO 27001).
• • Experience with infrastructure as code (IaC) tools like Terraform or CloudFormation, and container security (Docker, Kubernetes) is highly desirable. Your ability to analyze complex security data, identify patterns, and provide actionable insights will be critical. This is an exceptional opportunity to make a significant impact on the security posture of a rapidly growing, innovative company.
• • You will contribute to building a secure foundation for our digital engineering platform, ensuring that our customers can confidently leverage our technology to achieve their most ambitious goals. Your work will directly support our mission of creating the world's leading industrial metaverse, a space where innovation thrives securely and efficiently.