Senior Cybersecurity Engineer

Role Summary

Senior Cybersecurity Engineer

We are seeking a Senior, hands-on Cybersecurity Engineer with deep technical expertise and a strategic mindset to help lead and advance Travere’s security program. In this role, you will shape and enforce cybersecurity practices, oversee daily security operations, and drive continuous improvement of our managed SOC services. You will play a critical role in managing core security platforms, leading incident investigations, guiding risk assessments, and ensuring audit and compliance readiness, while also managing and driving progress on the company's NIST roadmap.

Responsibilities

• Support and enhance the company’s cybersecurity program in alignment with NIST CSF 2.0 and related frameworks (e.g., NIST SP 800-53, 800-171).
• Manages Travere’s NIST roadmap, driving progress and ensuring it remains current.
• Oversees Travere’s SOC services, including: managing escalations, tuning detection logic, investigating security alerts and incidents, and enhancing SOC workflows and playbooks.
• Operate and maintain key security tools: EDR, SIEM, firewalls, vulnerability scanners, etc.; ensure integration and effectiveness across platforms.
• Administer identity and access management using Okta and Microsoft Entra ID (Azure AD): Enforce MFA, SSO, and lifecycle access controls; oversees the integration and management for any new identity and access management solutions within the infrastructure.
• Manage Travere’s Privileged Access Management (PAM) platform – Delinea “Secret Server”: onboarding privileged accounts, policy enforcement, and ongoing maintenance.
• Perform vulnerability assessments and support remediation efforts with IT and cloud teams.
• Document incidents, systems, tooling configurations, and audit evidence.
• Support SOX, GxP, data privacy, and other compliance initiatives with technical input and control documentation.

Qualifications

• Bachelors degree in related Computer Science discipline. Equivalent combination of education and applicable job experience may be considered.
• 6–8+ years of hands-on cybersecurity engineering or SOC experience.
• CISSP certification required. OSCP, GCIH, or GCIA (or equivalent) preferred.
• Prior experience in a regulated industry (i.e. life sciences, pharma, biotech, fintech).
• Familiarity with SOX, GxP, ISO 27001, and other security/compliance standards.
• Strong command of NIST frameworks and security operations best practices.
• Experience with Okta, Azure/Entra ID, Delinea “Secret Server”, Microsoft Defender, Wiz CNAPP, Cylance/Aurora, Mimecast, Palo Alto; operating in hybrid cloud environments (Windows, Linux, AWS, Azure).
• Scripting/automation experience with PowerShell, Python, or Bash.

Skills

• Ability to translate technical risks into business terms for executives and auditors.
• Experience aligning cybersecurity initiatives with overall business strategy and risk tolerance.
• Experience with third-party/vendor risk management in regulated industries.
• Knowledge of zero trust, OT/IoT security, and AI/ML applications in cybersecurity.
• Experience with Data Security Posture Management (DSPM) or related data discovery/classification tools.
• Strong collaboration, communication, and multitasking abilities; attention to detail.
• Project planning, timelines, budgets, and critical path management.

Education

• Bachelors degree in related Computer Science discipline (or equivalent).

Additional Requirements

• Ability to travel up to 10% domestic.
• Must be able to perform face-to-face work onsite in San Diego; not 100% remote.