We're looking for a Senior or Staff Compliance Engineer to join an established team and help build a new wave of relationships in the federal space.

Logistics: Hybrid in NYC (3 days per week)

Compensation: $160-230k in addition to an annual bonus and stock options.

What you'll be doing:

• Work side by side with engineering and product resources to define security and compliance requirements for new features and services
• Build threat models, testing plans, and validation strategies to ensure a high secure bar for the system
• Review code, infrastructure, and architecture for common security flaws, as well as bespoke, business logic flaws
• Manage penetration tests of critical features
• Assist in managing audits and compliance requirements on an ongoing basis
• Bridge and facilitate communication between engineering teams and other parts of the Security organization

What's required of you:

• 4+ years of experience working as a security engineer
• You understand how to analyze a system and look for potential threats at every stage of the SDLC. You have experience with system design reviews, threat modeling, and common vulnerabilities in Web and Mobile applications
• Hands on experience with cloud-based architectures, especially those built on AWS, Kubernetes, and Docker
• Solid understanding of networking and operating systems
• You can write scripts, and you are proficient in one (or more) of the following languages: Java, Javascript, Python
• You have excellent analytical skills, strong organizational and project management skills, and the ability to prioritize and manage multiple tasks and deadlines.
• You are a strong communicator who can explain security concepts to a variety of audiences and levels, as well as work collaboratively across technical and non- technical teams
• You are comfortable with high levels of autonomy and delivering on complex goals
• You have experience with regulatory and compliance frameworks like NIST 800-53, PCI DSS, and FedRAMP, as well as Identity and Authenticator Assurance Levels like IAL2 and AAL2

Overview:
We are seeking an experienced Application Security Manager to lead and enhance our application security program. This role will be pivotal in embedding security into the SDLC, guiding secure development practices, and ensuring the security of our software products.

Logistics: 100% Remote in the European Union or United Kingdom

Salary: €130,000 - €140,000 (EUR)

Key Responsibilities:

• Lead the application security team and collaborate with product, engineering, and DevOps teams.
• Integrate SAST, DAST, and manual code reviews into CI/CD pipelines.
• Develop and enforce secure coding standards and security best practices.
• Manage vulnerability assessments, threat modeling, and remediation efforts.
• Drive security awareness and training for development teams.
• Ensure compliance with industry regulations and security frameworks (e.g., OWASP, NIST).

Qualifications:

• 5+ years of AppSec or software security experience, with at least 2 years in a leadership role.
• Strong knowledge of secure software development and cloud-native architectures.
• Hands-on experience with SAST, DAST, IAST, and threat modeling tools.
• Familiarity with DevSecOps practices and CI/CD integration.
• Excellent communication and leadership skills.

Preferred:

• Experience with SaaS environments and modern software stacks.
• Security certifications (e.g., CISSP, CSSLP, OSCP) are a plus.

Hampton North is a fast-growing cybersecurity staffing agency seeking a Cybersecurity Recruiter to source, attract, and hire top talent within the cybersecurity industry. As a key member of our team, you will play a vital role in identifying skilled professionals to support our agency’s mission to secure digital assets for global clients. You’ll work closely with hiring managers and candidates to ensure a smooth and efficient recruitment process, focusing on positions such as penetration testers, security analysts, security engineers, and other critical cybersecurity roles.

What you’ll be doing:

• Full-Cycle Recruiting: Manage the full recruitment process from sourcing, screening, interviewing, and negotiating job offers to onboarding candidates (instead of full-desk/360, you’ll be closer to 270).
• Sourcing & Talent Pipeline: Build and maintain a pipeline of cybersecurity talent through proactive and unique sourcing techniques, including job boards, professional networks (LinkedIn, GitHub, etc.), social media, and referrals.
• Job Postings: Write compelling job descriptions and post on relevant job boards and platforms per our guidelines. Ensure job listings accurately reflect the required qualifications and company values.
• Candidate Screening: Review resumes and assess candidate qualifications based on technical skills, experience, and cultural fit within the cybersecurity, engineering, and potentially out of market-center domains.
• Interview Coordination: Schedule and conduct initial phone screenings, provide feedback to candidates, and coordinate technical assessments and interviews with hiring managers.
• Networking & Outreach: Engage with cybersecurity communities, attend virtual events or webinars, and leverage industry contacts to find qualified candidates.
• Branding: Be a part of internal Hampton North’s branding involvement including LinkedIn posting, Hampton Hangouts, and other initiatives on social media.
• Data Management: Maintain accurate candidate records in the applicant tracking system (ATS) and provide regular reports on recruitment metrics and KPIs.

Key Qualifications:

• Experience: Minimum 2 years of experience as an agency recruiter, with at least 1 year recruiting for cybersecurity or technical roles.
• Sourcing Skills: Expertise in using recruiting platforms (LinkedIn Recruiter, Indeed, GitHub, etc.), applicant tracking systems, and creative Boolean search techniques. We look for some hard-to-find folks, and we need you to be determined in finding them.
• Communication: Excellent verbal and written communication skills, with the ability to build relationships with candidates and internal stakeholders.
• Adaptability: Ability to manage a high volume of open and diverse positions, and work effectively in a fast-paced, remote environment.
• Remote Work Skills: Strong self-management, time-management, and organizational skills to thrive in a fully remote position. Our slack is our office so we expect you to be online and active even though remote.

Preferred Qualifications:

• Be a culture “add,” not a culture “fit”
• Active participant in our occasional tom-foolery

What’s cool about us?

• Competitive salary (yes, not a draw) with performance-based incentives and commission structures.
• Flexible working hours in a fully remote setup
• Highly competitive benefits, flexible PTO (you take what you need), holidays off (even a winter shutdown), and more
• Opportunities and commitment towards career development and continuous learning
• Access to cutting-edge cybersecurity knowledge and industry events (we’ve been to Blackhat, BSides, and more)
• Trips to see the team every quarter (we’ve been to LA, Boston, NYC, Tampa, and going to London this December!)

Role Overview:
We are seeking an ETL Security Engineer to lead the development, optimization, and management of data pipelines for security operations. This role involves designing and refining ETL (Extract, Transform, Load) workflows to ensure seamless data integration across various platforms, with a focus on performance, security, and scalability. You will work closely with stakeholders to align ETL processes with business goals while mentoring team members and driving continuous improvement.

Logistics: 100% Remote, US

Salary: $130,000-$160,000

Key Responsibilities:

• Design, implement, and optimize data pipelines for efficient transformation and normalization across security platforms.
• Ensure ETL tools and platforms function at optimal levels to support security operations.
• Provide support and guidance for data integration across operating systems, applications, and networks.
• Maintain detailed documentation for ETL workflows and related security processes.
• Plan and execute security initiatives focused on enhancing ETL capabilities.
• Collaborate with stakeholders to align ETL objectives with business needs.
• Offer security-focused recommendations throughout the design and maintenance of ETL workflows.
• Participate in on-call rotations to provide off-hours support as required.
• Occasional travel may be required for specific projects.

Qualifications and Skills:

• Extensive experience in designing and managing data pipelines, including data transformation and normalization.
• Familiarity with security tools for data enrichment, such as intrusion detection and threat management platforms.
• Knowledge of log aggregation, correlation, and hybrid cloud environments.
• Experience with ETL platforms (e.g., Talend, Informatica, Apache NiFi).
• Proficiency with Infrastructure-as-Code tools (e.g., Terraform, CloudFormation).
• Familiarity with host-based security tools (e.g., IPTables, ModSecurity, HIDS).
• Working knowledge of virtualization technologies (e.g., VMware, KVM, Hyper-V).
• Strong project management skills with experience using ticketing systems to track and resolve incidents.
• Understanding of ITIL practices, including request, incident, and change management.
• Proven leadership skills to guide junior team members and manage projects effectively.

What You Bring:

• Prior experience as a Senior ETL Engineer or in a similar data-centric role.
• Expertise in modern data pipeline design and best practices.
• Strong background in Linux and Windows operating systems.
• Experience automating workflows using scripting languages.
• Understanding of ETL tools and their integration within security environments.
• Familiarity with asset management platforms.
• Experience working within large-scale enterprise environments.
• Foundational understanding of networking principles.
• Proven ability to troubleshoot and manage complex systems.
• Strong communication skills with a focus on documentation and knowledge sharing.
• Ability to perform effectively in fast-paced, high-pressure environments.
• Collaborative mindset, fostering teamwork and continuous learning.
• Commitment to improving ETL processes and security practices.
• Ensure ETL workflows are secure, scalable, and aligned with security objectives.
• Identify and address recurring issues through innovative solutions.
• Advocate for best ETL practices across the organization.

Role Overview:
We are seeking a Senior DLP Security Engineer to take charge of implementing, managing, and optimizing our data protection solutions. This role requires deep expertise in data loss prevention (DLP) technologies and offers the opportunity to drive security initiatives focused on safeguarding sensitive information across diverse environments. You will work with cross-functional teams, provide guidance on security practices, and ensure that data protection objectives align with business goals.

Logistics: 100% Remote, US

Salary: $140,000-$160,000

Here's what you'll be doing:

• Deploy, configure, monitor, and manage DLP tools to ensure optimal performance.
• Oversee access management and health monitoring for DLP platforms.
• Provide support for data collection and classification across systems, applications, and networks.
• Develop dashboards, reports, and analytics to enhance visibility into DLP operations.
• Maintain and refine documentation related to DLP tools and security practices.
• Plan and execute security projects aimed at improving data protection strategies.
• Collaborate with stakeholders to ensure security objectives are properly defined and met.
• Offer security-centric guidance throughout system design, deployment, and maintenance.
• Continuously improve security guidelines and elevate standards for data protection.
• Provide after-hours on-call support as part of a rotation schedule.
• Occasional travel may be required for special projects or initiatives.

And here's what you'll need:

• Proven experience in implementing and managing DLP platforms.
• Strong understanding of data protection principles, regulations, and industry best practices.
• Familiarity with intrusion detection, threat management, and vulnerability management tools.
• Experience working in cloud, on-premises, and hybrid cloud environments.
• Knowledge of host-based security tools (e.g., IPTables, ModSecurity, HIDS, FIM).
• Experience with virtualization technologies (e.g., VMware, KVM, Hyper-V, OpenStack).
• Strong problem-solving abilities to analyze and address security challenges.
• Ability to lead security projects from planning to successful completion.
• Effective communication skills to convey policies and procedures clearly to stakeholders.
• Collaborative mindset with the ability to work well in cross-functional teams.
• Commitment to staying current with emerging security technologies and threats.
• Experience tracking and resolving incidents using ticketing systems.
• Knowledge of ITIL practices, including request, incident, and change management.
• Leadership skills with experience mentoring junior staff and managing projects.

What You Bring:

• Previous experience in a senior DLP engineering or related role.
• Strong knowledge of modern data protection vulnerabilities and mitigation strategies.
• Proficiency with DLP platforms and tools.
• Solid background in Linux and Windows operating systems.
• Experience scripting and automating processes for greater efficiency.
• Understanding of asset management and IT infrastructure in enterprise environments.
• Foundational knowledge of networking concepts.
• Proven ability to troubleshoot complex systems effectively.
• Strong documentation skills and attention to detail.
• Ability to thrive in a fast-paced, dynamic environment.
• Team-oriented mindset, focusing on collaboration and continuous learning.
• Passion for improving data protection practices and security engineering.
• Ensure data protection is integrated into all security platforms and solutions.
• Design and maintain scalable, reliable, and secure data protection systems.
• Develop and enforce best practices for data protection tools and processes.
• Identify systemic challenges and propose scalable solutions.
• Advocate for data protection best practices within the organization.

Role Overview:
We are seeking a Senior SIEM Engineer to take on key responsibilities in managing and optimizing security infrastructure at scale. In this role, you’ll have the opportunity to solve complex technical problems, develop new solutions from scratch, and contribute to security initiatives across diverse environments. You'll operate with a high level of autonomy while being supported by senior leadership.

Salary: $140,000-$170,000

Logistics: 100% Remote, US

Here's what you'll be doing:

• Install, configure, and maintain SIEM platforms to ensure peak performance.
• Provide expertise in data collection across operating systems, applications, appliances, and networks.
• Develop dashboards, reports, and analytics to improve visibility and monitoring using SIEM tools.
• Maintain and enhance engineering and security documentation.
• Lead security engineering projects to improve and scale infrastructure.
• Collaborate with stakeholders to align security goals with business objectives.
• Provide security-focused guidance throughout design, deployment, and maintenance phases.
• Continuously improve security standards and practices for both new and existing infrastructure.
• Participate in on-call rotations for after-hours support when needed.
• Occasional travel may be required for specific initiatives.

And here's what you'll need:

• Strong understanding of data normalization, log aggregation, and correlation.
• Experience with intrusion detection and threat management tools.
• Expertise with SIEM platforms (e.g., Splunk, Elastic, Graylog, Securonix).
• Familiarity with hybrid, cloud, and on-premises environments.
• Proficiency with Infrastructure-as-Code tools (e.g., Terraform, CloudFormation).
• Experience with host-based security tools (e.g., HIDS, IPTables, ModSecurity).
• Working knowledge of configuration management tools (e.g., Ansible, Puppet, Salt, Chef).
• Experience with virtualization technologies (e.g., VMware, KVM, Hyper-V, OpenStack).
• Strong leadership abilities with experience mentoring junior team members.
• Skilled in incident, request, and change management processes using ticketing systems.
• Prior experience in a security engineering role focused on SIEM platforms.
• Strong working knowledge of Linux and Windows operating systems.
• Familiarity with scripting and automation to streamline workflows.
• Understanding of EDR and MDR platforms for enhanced threat detection and response.
• Demonstrated ability to troubleshoot and manage complex systems.
• Strong communication skills with the ability to document processes and share knowledge effectively.
• A collaborative mindset, with the ability to work effectively across teams and mentor others.

Role Overview:
We are a fast-growing technology company seeking a Senior Incident Response Analyst to join our security team. In this role, you will play a critical part in managing and responding to security incidents, working closely with stakeholders to mitigate risks and strengthen defenses. This position provides the opportunity to collaborate with experienced professionals and develop your expertise in incident response and threat detection.

Logistics: Onsite in Dundalk, Ireland

Salary: €90,000- €100,000 

Here's what you'll be doing:

• Manage and triage security incidents, including containment and eradication of confirmed threats.
• Coordinate with impacted teams to ensure remediation actions are effectively implemented.
• Communicate security incidents to relevant stakeholders promptly and clearly.
• Produce detailed and accurate incident reports.
• Conduct proactive threat hunting to identify and address emerging risks.
• Monitor for suspicious activity, investigate potential incidents, and respond to real-time security events.
• Perform basic malware analysis using sandbox environments and static review of scripts (e.g., PowerShell, HTML).
• Provide guidance and mentorship to junior analysts to support their development.

And here's what you need:

• Experience in incident response, threat management, and security monitoring.
• Familiarity with malware analysis techniques and basic scripting review.
• Strong communication skills for incident reporting and stakeholder engagement.
• Ability to thrive in a fast-paced environment, responding to incidents in real time.
• Demonstrated ability to mentor and guide less experienced analysts.
• Collaborative mindset with a focus on continuous improvement in security operations.

This role offers a unique opportunity to grow within an innovative environment, working on complex security challenges and helping to secure critical infrastructure.

We are a forward-thinking technology company seeking a seasoned Insider Threat Analyst to join our innovative security team. In this role, you will protect our organization’s critical data and intellectual property by identifying and addressing insider threats. You’ll build and optimize detection programs, monitor for anomalous behavior, and develop preventive measures to safeguard sensitive information. Close collaboration with cross-functional teams will be essential to strengthening our security posture and providing strategic insights into potential internal risks.

Logistics: 100% Remote, US

Salary: $110,000-$120,000/year

Here's what you'll be doing:

• Utilize Data Loss Prevention (DLP) technologies to detect and mitigate insider threats, ensuring data confidentiality and reducing risks of data breaches.
• Manage insider threat incidents through the full lifecycle, including containment, mitigation, and resolution.
• Collaborate with stakeholders to implement effective remediation strategies for confirmed threats.
• Communicate insider threat incidents promptly to relevant stakeholders.
• Provide detailed, accurate reports and dashboards to monitor insider activities and highlight data protection metrics.
• Lead both proactive and reactive threat hunts to detect potential malicious behavior.
• Participate in data security initiatives focused on identifying and reducing internal risks.
• Take part in an on-call rotation to provide off-hours support when necessary.
• Offer mentorship and guidance to junior analysts to promote team growth and expertise.

And here's what you need:

• Proven experience with insider threat programs and managing DLP solutions to prevent data exposure and unauthorized access.
• In-depth knowledge of information security principles, insider threat tactics, and data protection regulations.
• Familiarity with security frameworks, threat indicators, and incident management practices.
• Hands-on experience with DLP tools and insider threat detection platforms.
• Ability to analyze security events in real-time and respond swiftly to mitigate risks.

About the Role:

We are a forward-thinking technology company seeking a Threat Detection Engineer to join our dynamic team. In this position, you will play a key role in supporting our Security Operations Center (SOC) by assisting with the triage, review, and management of security events. You’ll collaborate closely with experienced cybersecurity professionals while developing processes that protect our organization and clients from emerging threats.

Salary: $110,000-$120,000 per year 

Logistics: 100% Remote, US

Here's what you'll be doing:

• Investigate and respond to phishing attempts and other malicious emails.
• Monitor systems and networks to identify potential security risks.
• Oversee and monitor High-Value Assets (HVAs) to maintain their security and operational integrity.
• Categorize and prioritize security events based on severity and impact.
• Maintain thorough documentation of security events and manage workflows for further investigation and escalation.
• Conduct proactive threat hunting to identify signs of malicious activity.
• Provide assistance with general inquiries regarding cybersecurity practices.
• Offer mentorship and guidance to junior analysts within the team.

And here's what you need:

• Prior experience as a systems administrator with a focus on security, or as a cybersecurity analyst, is essential.
• Strong communication skills and experience managing projects independently.
• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Industry-recognized certifications such as Security+ (SEC+), SSCP, GISF, GSEC, GSOC, or Microsoft Security Compliance and Identity Fundamentals.
• Broader certifications like CCNP, Network+, Linux+, or CISA are a plus.

What You’ll Bring to the Team:

• Consistent and accurate handling of SOC deliverables, including incident triage and review.
• Contributions to the development and refinement of SOC processes, procedures, and templates.
• Solid understanding of key security concepts, with the ability to apply best practices effectively.
• 3-5+ years of experience in cybersecurity, information security, or related fields.
• Familiarity with IT support, helpdesk, or cross-functional roles, offering a well-rounded understanding of security within complex IT environments.

Position Overview:

As a Product Security Engineer, you will work closely with our engineering and DevOps teams to ensure our cloud-native SaaS products are secure by design. You will be responsible for identifying, assessing, and mitigating security vulnerabilities in AWS and Terraform configurations, while implementing robust security controls across the product lifecycle.

Salary: 160-190k base + 10-15% bonus

Logistics: 100% Remote in the US

Work authorization: Must be a US Citizen or permanent resident

Key Responsibilities:

• Conduct security reviews of architecture, design, and code for our cloud-native SaaS products.
• Identify and remediate security vulnerabilities in AWS cloud environments and Terraform infrastructure as code (IaC) configurations.
• Collaborate with development teams to integrate security best practices throughout the software development lifecycle.
• Implement and manage automated security testing tools (e.g., SAST, DAST) and processes for continuous security validation.
• Conduct threat modeling and risk assessments for new and existing products.
• Develop and maintain security documentation, policies, and procedures.
• Stay up-to-date on the latest security trends, threats, and technologies to continuously improve our security posture.

Qualifications:

• 5-7 years of experience in Product Security, Application Security, or a related field.
• Strong hands-on experience with AWS security (IAM, VPC, EC2, S3, CloudTrail, etc.) and Terraform IaC configurations.
• Demonstrated ability to find and fix security vulnerabilities in cloud-native architectures.
• Familiarity with common security frameworks and best practices (OWASP, NIST, CIS Benchmarks).
• Experience working with DevOps and CI/CD pipelines to implement security automation.
• Strong understanding of encryption, authentication, and security protocols.
• Excellent problem-solving skills and the ability to work independently as well as in a team environment.
• Strong communication skills to articulate security issues to both technical and non-technical stakeholders.

Preferred Qualifications:

• Certifications such as CISSP, AWS Certified Security Specialty, or relevant cloud security certifications.
• Experience with container security (Docker, Kubernetes).