Information Security Engineer
Job Description
[Up to c. $950k Comp Package (including a Base Salary of up to $600k) | Hybrid Working - 3 Days in Office]
Join a pioneering scientific research team in New York as a Security & Information Security Engineer, helping safeguard advanced computational platforms, infrastructure, data, and software systems. This hybrid role bridges technical systems knowledge with information security expertise - working closely with infrastructure and engineering teams to interpret architectures and turn them into clear, actionable vulnerability insights. It’s a strong fit for someone who’s moved from hands-on red-teaming or offensive security into an advisory capacity - able to identify flaws and recommend effective solutions without actively developing exploits. Strong technical acumen, documentation skills, and collaborative stakeholder engagement are essential...
Key Responsibilities
- Conduct thorough evaluations of systems, applications, and infrastructure to identify security weaknesses
- Produce well-structured reports detailing vulnerabilities and recommended mitigations
- Collaborate across teams to interpret technical findings and drive remediation efforts
- Assist in designing and maintaining cybersecurity policies and formalised guidance
- Integrate security considerations into system and software design from the outset
- Own the process for tracking remediation status and ensuring accountability
- Represent the security team in executive reporting and technical discussions
- Maintain strong working knowledge of current cyber threats, CVEs, and MITRE ATT&CK frameworks
What You’ll Bring...
- 5-10 years of cybersecurity experience, ideally with a red-team or penetration testing background and subsequent advisory experience
- Proficient in identifying software, architectural, or configuration flaws
- Skilled in translating technical issues into clear, executable recommendations
- Strong interpersonal and presentation skills - comfortable engaging with diverse technical and non-technical stakeholders
- Well-versed in threat modelling, risk assessment, and CVE documentation
- Solid grasp of Linux environments, security protocols, and endpoint security considerations
- Skilled in scripting or coding (Python preferred) for analysis and report automation
- Familiarity with DevSecOps, SIEM, DLP, or EDR platforms
- Certifications such as OSCP, CISSP, or similar
...