Cyber Security Specialist

Company Description

The Cyber Security Specialist will serve as a technical authority within Empyrean's Information Security organization. This role is responsible for implementing, maintaining, and enhancing Empyrean's cybersecurity posture across infrastructure, applications, and cloud environments.

This position requires deep technical expertise in threat detection, incident response, vulnerability management, and cloud security. The Cyber Security Specialist will work cross-functionally with IT, Engineering, and Compliance to safeguard Empyrean's systems and data, ensuring alignment with regulatory and client requirements.

The Cyber Security Specialist acts as a trusted advisor and escalation point for complex security issues, contributing to the design of security architectures and the development of security standards that scale with Empyrean's growth.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Lead advanced threat detection, vulnerability assessment, and incident response activities to protect Empyrean's systems, networks, and applications.
• Administer and optimize security tools such as SIEM, SentinelOne, NetSkope, Entra, EDR, IDS/IPS, firewalls, KnowBe4, Proofpoint, DLP tools, vulnerability scanners, and other security tools to ensure consistent and proactive monitoring.
• Conduct in-depth analysis of security events and alerts, identifying root causes and coordinating remediation with technical teams.
• Collaborate with infrastructure and application owners to embed secure-by-design principles into system architecture and broader control environment.
• Drive initiatives related to cloud security governance, ensuring proper configuration and monitoring of AWS environments.
• Develop and maintain security baselines, hardening standards, and operational procedures to ensure compliance with frameworks such as NIST CSF, SOC 2, ISO 27001, and HIPAA.
• Support the design and execution of penetration tests, exercises, and risk assessments.
• Serve as a key resource for Empyrean's incident response and disaster recovery programs, including forensic investigation and post-incident review.
• Provide technical guidance to team members within the Security Operations function.
• Partner with Compliance and IT leadership to ensure audit readiness and continuous improvement of Empyrean's control environment.
• Evaluate and implement emerging security technologies that enhance protection, detection, and response capabilities.

• Work with other members oof the team to determine suitable controls for exceptions and other initiatives that support business operations.
• Prepare and deliver reports to leadership highlighting Empyrean's security posture, metrics, and improvement initiatives.

NON-ESSENTIAL DUTIES AND RESPONSIBILITIES

• Assist in developing and delivering employee cybersecurity awareness and training programs.
• Participate in internal and external audits and client security assessments as needed.
• Contribute to enterprise risk assessments and cross-departmental process improvement initiatives.
• Represent Information Security in cross-functional meetings and projects to ensure alignment between business objectives and security strategy.

REQUIRED SKILLS AND ABILITIES

• Advanced understanding of cybersecurity principles, technologies, and threat landscapes.
• Expertise in network, endpoint, and cloud security technologies, including SIEM, IDS/IPS, EDR, firewalls, etc.
• Hands-on experience with vulnerability management, penetration testing, and forensic analysis tools.
• Knowledge of secure system design, architecture review, and cloud configuration best practices.
• Familiarity with frameworks and standards such as NIST CSF, ISO 27001, and SOC 2.
• Ability to interpret and apply compliance and regulatory requirements (e.g., HIPAA, SOC, ISO).
• Strong analytical and problem-solving skills with the ability to prioritize and manage multiple tasks effectively.
• Excellent communication and collaboration skills across technical and business teams.
• Proven ability to operate with discretion, sound judgment, and high attention to detail.
• Demonstrated initiative and ownership in developing and executing security improvements.

KNOWLEDGE, EXPERIENCE, AND/OR EDUCATION REQUIREMENTS

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent work experience).
• 3-5+ years of progressively responsible experience in cybersecurity, information security engineering, or security operations roles.
• Background in incident response, vulnerability management, and security engineering.
• Experience with AWS and/or other cloud security tools and configurations.
• Familiarity with IAM systems (Okta, AD, AWS IAM), SIEM platforms (e.g., Splunk, Sentinel), and endpoint protection tools.
• Preferred certifications a plus: CISSP, CISM, CEH, or equivalent advanced cybersecurity certification(s).
• Familiarity with scripting or automation for security operations (Python, PowerShell, etc.) is a plus.

OTHER REQUIREMENTS

• Ability to work on-site or in a hybrid capacity, as required by the role.
• Availability for after-hours support as needed for critical access or incident-related issues.
• Must be authorized to work in the United States without sponsorship.

Disclaimer: This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the job. Management reserves the right to modify or reassign job duties as business needs evolve.

#LI-RZ1

#LI-Remote

Empyrean is an Equal Opportunity Employer: including disability and veterans

---