Role Summary
Senior, hands-on Cybersecurity Engineer with deep technical expertise and a strategic mindset to help lead and advance Travere’s security program. Shape and enforce cybersecurity practices, oversee daily security operations, and drive continuous improvement of managed SOC services. Manage core security platforms, lead incident investigations, guide risk assessments, ensure audit and compliance readiness, and drive progress on the NIST roadmap.
Responsibilities
- Support and enhance the company’s cybersecurity program in alignment with NIST CSF 2.0 and related frameworks (e.g., NIST SP 800-53, 800-171).
- Manage Travere’s NIST roadmap, driving progress and ensuring it remains current.
- Oversee Travere’s SOC services, including: managing escalations, tuning detection logic, investigating security alerts and incidents, and enhancing SOC workflows and playbooks.
- Operate and maintain key security tools: EDR, SIEM, firewalls, vulnerability scanners, etc., and ensure integration across platforms.
- Administer identity and access management using Okta and Microsoft Entra ID (Azure AD): enforce MFA, SSO, and lifecycle access controls, and oversee integration/management for new IAM solutions.
- Manage Privileged Access Management (PAM) via Delinea “Secret Server”: onboarding privileged accounts, policy enforcement, and maintenance.
- Perform vulnerability assessments and support remediation efforts with IT and cloud teams.
- Document incidents, systems, tooling configurations, and audit evidence; support SOX, GxP, data privacy, and other compliance initiatives with technical input and control documentation.
Qualifications
- Bachelor’s degree in Computer Science or related field; equivalent experience may be considered.
- 6–8+ years of hands-on cybersecurity engineering or SOC experience.
- CISSP certification required; OSCP, GCIH, or GCIA preferred.
- Experience in regulated industries (life sciences, pharma, biotech, fintech).
- Familiarity with SOX, GxP, ISO 27001, and other security/compliance standards.
- Strong command of NIST frameworks and security operations best practices.
- Experience with Okta, Azure/Entra ID, Delinea Secret Server, Microsoft Defender, Wiz CNAPP, Cylance/Aurora, Mimecast, Palo Alto; operating in hybrid cloud (Windows, Linux, AWS, Azure).
- Scripting/automation: PowerShell, Python, or Bash.
Skills
- Ability to translate technical risks into business terms for executives and auditors.
- Experience with DSPM or data discovery/classification tools; knowledge of zero trust, OT/IoT security, and AI/ML in cybersecurity.
- Strong collaboration, communication, and organizational skills; ability to manage complex project plans and timelines.
- Travel up to 10% (domestic) and onsite presence in San Diego as required.
Education
- Bachelor’s degree in a related Computer Science discipline; equivalent combination of education and experience considered.
Additional Requirements
- Demonstrated ability to develop and mature enterprise security roadmaps; align cybersecurity initiatives with business strategy and risk tolerance.
- Experience with third-party/vendor risk management in regulated industries.
- Ability to multitask, prioritize, and adapt to changing project plans; strong interpersonal and written communication skills.
- Willingness to travel up to 10% and work onsite in San Diego as needed.