CyberSecurity & Identity Protection Engineer (Tier 3)

BlackCloak's mission is to protect corporate executives and high-profile individuals in their personal lives, mitigating risks to their families, companies, reputation, and finances. We defend our clients' digital lives from hackers, privacy leaks, and identity theft. If you are passionate about helping to protect others, then keep reading - this may be your next great opportunity.


BlackCloak is currently looking for a Cybersecurity & Identity Protection Engineer to provide a comprehensive "digital bodyguard" service for our clients. This unique hybrid role requires a technical expert who can secure an endpoint and network infrastructure just as effectively as they can protect a personal credit profile. This individual will have a strong familiarity in EDR solutions, including but not limited to CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, Carbon Black, and Sophos Intercept X. The CyberSecurity & Identity Protection Engineer position is vital to our team as they will provide analysis to solve problems for our clients. If you have a genuine interest in cybersecurity and privacy, along with a strong drive to enhance your knowledge in these domains, this position presents an outstanding opportunity for advancing your cybersecurity career.

This role primarily involves technical and incident response duties while providing subject matter expertise as needed. You will be responsible for the full spectrum of client safety: managing EDR solutions and conducting vulnerability assessments to harden assets, while simultaneously overseeing identity monitoring platforms to detect credit, SSN, and PII anomalies. You will act as the first line of defense in detecting fraud and the primary advocate in restoring a client's identity should a breach occur. You will also help to manage security incidents, collaborating with other teams to conduct post-incident remediation activities. Lastly, you will also be the architect of our efficiency-leveraging Automation, SOAR, and AI to streamline our workflows, reduce reaction times, and ensure our services can scale without compromising quality. If you possess exceptional client engagement skills, a deep understanding of security threats and attacks, and extensive experience in technical security roles, we strongly encourage you to submit your application.

What You Will Do

• Deploy and configure Endpoint Detection and Response (EDR) agents across client environments. Customize detection policies to minimize false positives and ensure seamless client business operations.
>
• Analyze EDR telemetry to detect "living off the land" attacks and anomalies that traditional antivirus would miss.
>
• Actively monitor client endpoints for malicious indicators. When threats are detected, immediately isolate compromised devices and communicate the scope of the incident to the customer and cross-functional teams supporting the customer.
>
• Generate monthly executive summaries for clients detailing blocked attacks, health status, and ROI on their security investment.
>
• Schedule and run next-gen vulnerability scans on client networks and execute penetration tests as applicable against client assets.. Review the results with the client's (or their IT point-of-contact), prioritize critical patches, and verify their remediation.
>
• Monitor for threats and vulnerabilities specific to "Smart Home" and Internet of Things (IoT), alert impacted clients, and assist clients in the hardening of their home networks and IoT devices.
>
• Proactively monitor the Dark Web and criminal forums for our clients' compromised credentials, leaked intellectual property, or domain spoofing.
>
• Work with cross-functional teams to alert clients immediately upon discovery of leaked data and provide specific instructions on changing passwords or locking down accounts.
>
• Manage the credit monitoring platform, and alert clients to changes in credit scores, new credit inquiries/accounts and other identity alerts that could indicate fraudulent activity.
>
• In conjunction with Client Success Managers, serve as the dedicated case manager for confirmed identity theft incidents. Handle the end-to-end resolution process so the client does not have to navigate the bureaucracy alone.
>
• Assist in the restoration of compromised accounts, including synthetic identity fraud, medical identity theft, and tax refund fraud.
>
• Actively hunt for client PII on people-search sites and data broker databases. Manage the "opt-out" and removal process to minimize their public attack surface.
>
• Identify repetitive manual tasks (e.g., alert triage, monthly reporting, initial containment) and build SOAR playbooks or scripts (Python/PowerShell) to automate them.
>
• Evaluate and implement AI-driven tools to enhance threat detection accuracy. Utilize Machine Learning features within our stack to reduce "alert fatigue" and false positives.
>
• Continuously assess our toolset's architecture. optimize API integrations between our Identity platforms, EDR, and ticketing systems to ensure we can handle increased client volume without linear headcount growth.
>
• Conduct "Post-Mortem" reviews after incidents or complex identity cases to identify process gaps, updating standard operating procedures (SOPs) to be faster and smarter next time.
>
• Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
>
• Develop custom scripts, tools, or methodologies to enhance our Incident Response processes
>
• Develop comprehensive and accurate reports of forensic findings and Incident Response activities for both technical and executive audiences
>
• Be part of an on-call rotation and escalation team
>
• Participate in knowledge transfer sessions, product training and other strategic initiatives as needed
>
• Maintain working knowledge of BlackCloak's solutions, platform features and best practices
>
• Mentor and support Client Success and Security Team Members
>
• Work closely with the engineering and product teams to continuously improve BlackCloak products
>
• Perform research and development on the latest cyber security attack and defense trends
>
• Work with the sales team to do technical demonstrations and provide subject matter expertise
>
• This position will require occasional time on nights and weekends to address client incidents, emergency onboardings and issues. There is a potential for limited travel
>

What You Need to be Successful

• 3-5+ years of experience in Cybersecurity, Fraud Analysis, or Security Engineering
>
• A college degree in an Information Technology (IT/CS/CE) related discipline is a plus, with equivalent experience also considered
>
• Industry recognized information security certifications a plus:
  
  • CISSP
  >
  • CCSP
  >
  • CFCE
  >
  • GIAC
  >
  • OSCP
  >
  • OSCE
  >
  • Security+
  >
  • CEH
  >
• Privacy and identity theft risk management certifications a plus:
  
  • CIPP
  >
  • CIPA
  >
• Penetration and vulnerability testing experience
>
• Windows and macOS forensic investigation and vulnerability management experience
>
• Experience in deploying, managing, and optimizing EDR tools to effectively detect, respond to, and mitigate threats
>
• Being able to correlate assets across multiple systems to ensure operational clarity and coverage is a must.
>
• Experience developing detection alerting using automation, orchestrating detection logic to trigger responses, and developing efficient security workflows.
>
• Experience with client service, communicating complex technical concepts, and a strong analytical mind required.
>
• Technical knowledge of operating systems such as Windows, macOS, iOS, Android, Linux
>
• Solid understanding of the US Credit System (Bureaus, FICO, FCRA rights).
>
• Experience managing identity monitoring platforms (alerts on Credit, SSN, PII)
>
• Operate independently and efficiently to manage multiple tasks and priorities simultaneously and successfully
>
• High degree of interpersonal communication skills and discretion for client privacy
>

$110,000 - $130,000 a year

Final offer amounts are determined by multiple factors, including but not limited to geographic location as well as candidate experience and expertise, and may vary from the amounts listed above.

About BlackCloak

BlackCloak is an extremely fast-growing company in an entirely new product category. We have amazing product fit validated by industry awards and an impressive client base of Fortune 500 companies across all industries.


BlackCloak offers a competitive salary, exceptional benefits, and a dynamic work environment. Below is a quick summary of BlackCloak's generous benefits package for full-time employees includes:

- 100% Remote Company, within the USA

- Comprehensive Medical, Dental, and Vision plans with a 100% employer-paid monthly premium option for employees & 50% employer-paid monthly premiums for dependents.

- Health Savings Account with company contribution for eligible medical plans.

- Flexible Vacation Plan

- 10 Paid Company Holidays

- 100% employer-paid Life, AD&D and Short- and Long-Term Disability Insurance

- 401k with Traditional and Roth options, including employer match.

- Company Equity

- Paid Parental and Pregnancy Recovery Leave

- Company and team off-sites and virtual events throughout the year

- Home office stipend


We are an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristic.

Learn More about Us

Website:

LinkedIn: /blackcloak

Twitter: @BlackCloakCyber

White Paper:

#liremote


We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.