Cybersecurity Defense Engineer

Vannevar Labs builds next generation defense software for the public servants keeping our country safe. As a team, we exist because we believe in public service, and we think that our democracy and government improve only if we put serious, collective effort into improving them, including the technology our government uses. This mission has become urgent. Ukraine is engaged in a war for survival with Russia. China regularly flies nuclear-capable bombers into Taiwan and Japan’s airspace. The US and our allies are fighting a war of deterrence with woefully outdated technology. We build software to support these missions, including providing battlefield information to allies, identifying malign activity, and helping the US deter and deescalate conflict. We are a profitable growth startup with some of the best defense investors in the world, including General Catalyst, DFJ Growth, Point72, and enterprise tech investors Costanoa and Felicis. 

About the role

As a Cybersecurity Defense Engineer, you will be responsible for conducting Blue Team operations for Vannevar Labs, ensuring our ability to operate and deliver for our customers. You will work closely with our IT, security, and DevOps teams as well as collaborate with our security vendors to implement robust security monitoring, alerting, incident response, disaster recovery, and threat hunting processes. Your expertise will be crucial in defending against cyber threats and ensuring our systems and data remain secure.

What You'll Do

• Build security monitoring, incident response, and vulnerability management processes and procedures for corporate IT assets  
• Create security monitors and alerts in corporate SIEM  
• Triage and investigate alerts and findings  
• Lead incident response efforts, including investigation, containment, eradication, and recovery
• Evaluate and implement secure configurations for IT products and endpoints
• Coordinate with internal stakeholders and external security services
• Identify risks to corporate assets and implement remediations  
• Track security findings and maintain security documentation
• Stay up to date with emerging technologies, trends, and best practices

What we look for

• Experience with scripting and automation using bash or shell
• Experience with security monitoring of corporate IT systems
• Understanding of vulnerability management for endpoints and enterprise software
• Ability to work in an Infrastructure as Code and GitOps environment
• Familiarity with AWS, Azure, Microsoft 365, CrowdStrike Falcon, and DataDog
• Practical knowledge of digital forensics as part of incident response
• Strong problem-solving, teamwork, and communication skills

…