Cyber Security Engineer

CYBER SECURITY ENGINEER

At RUSH, we design, build, and manage purposeful digital experiences that improve people's lives. We're a team that takes pride in doing meaningful work, doing it well, and enjoying the ride, if that sounds like your kind of place, we'd love to hear from you.

What you will do:

• Design and configure the Azure security stack: WAF, Front Door, Microsoft Defender for Cloud, Azure Monitor SIEM, and Key Vault


•  Define and implement identity and access management patterns using Microsoft Entra ID B2C, MFA flows, SCIM provisioning, and OpenID Connect


•  Integrate and operate SAST and DAST tooling within Azure DevOps CI/CD pipelines, with automated scanning and alerting on every build


• Configure Wiz for continuous cloud security posture management across all environments, including misconfiguration detection and compliance drift alerting


• Operate Vanta for continuous ISO 27001 and SOC 2 Type II compliance monitoring and audit readiness


•  Conduct and coordinate penetration testing and configuration reviews, producing evidence reports for client review


• Manage comprehensive audit logging, incident response runbooks, and privileged access controls


• Lead security incident response, acting as the primary point of contact for clients during any information security event


•  Provide secure development advisory to the engineering team, embedding OWASP and NIST SSDF principles into day-to-day practice


• Contribute security-specific stories and acceptance criteria to the delivery backlog each sprint

What you'll bring:

- 5+ years of hands-on cyber security engineering experience in enterprise environments, with a strong cloud security focus
- Deep practical experience with Azure security services: Defender for Cloud, Azure Monitor, WAF, Key Vault, Front Door, and Microsoft Entra ID
- Hands-on experience with Wiz or a comparable CSPM platform (Prisma Cloud, Orca, etc.)
- Experience with SAST and DAST tooling in CI/CD pipelines (SonarQube, Checkmarx, Burp Suite, OWASP ZAP)
- Strong understanding of IAM: OAuth 2.0, OpenID Connect, SAML, SCIM, RBAC, and MFA flows
- Demonstrated experience with ISO 27001, SOC 2, or equivalent compliance frameworks
- Familiarity with OWASP Top 10 and NIST SSDF in practical secure development contexts
- Experience coordinating penetration testing engagements and managing findings through remediation
- Ability to lead or contribute to security incident response in a production environment

Why RUSH?

You'll be working on meaningful, complex security challenges for collaborative work that makes a real difference. We're a team that takes pride in doing meaningful work, doing it well, and enjoying the ride, if that sounds like your kind of place, we'd love to hear from you.