Security Engineer I

At Cision, we believe in empowering every individual to make an impact. Here, your voice is heard, your ideas are valued, and your unique perspective fuels our collective success. As part of our global team, you'll thrive in an environment that champions curiosity, collaboration, and innovation, all while making meaningful contributions to the brands we accelerate.

Join us in shaping the future of communication and building authentic connections that matter. Whether you're solving complex problems or driving bold innovations, your growth is our success, and together, we'll create the conversations of tomorrow.

Empower your impact at Cision. Be seen, be understood, be you.

This role strengthens and optimizes the organization's security capabilities by reviewing existing tools, applications, and processes to identify gaps. It establishes and maintains cloud security architecture best practices, focusing on cloud platforms and integrates new and existing security platforms. The role collaborates with R&D teams to maintain a secure architecture and analyzes security events for anomalous activity. It contributes to the organization's security posture and ensures a secure environment. The individual works on issues requiring the analysis of relevant factors and exercises considerable judgment within defined procedures to determine appropriate action.

This individual will work across multiple departments to design, implement, and manage security solutions that protect both internal and third party (vendor) systems and customer data. You will play a critical role in ensuring that security practices are aligned with compliance requirements while driving technical solutions for secure systems and data protection across the entire organization.

What You'll Do

What You'll Bring

What We Offer

Responsibilities

• Security Engineering & Architecture: Must have expertise in designing, implementing, and maintaining security architectures across cloud, third-party, and on-premises environments, including evaluating and integrating emerging security technologies.
• DevSecOps: Should possess deep knowledge of embedding security within CI/CD pipelines, establishing security standards, and conducting secure code reviews with development teams.
• Cryptography: Must understand encryption technologies for securing data at rest and in transit, with experience managing cryptographic keys and ensuring compliance with industry standards.
• Identity & Authentication: Requires knowledge of designing and managing secure identity solutions, including Single Sign-On (SSO), Identity Providers (IdPs), and federation protocols such as SAML, OAuth, and OpenID Connect. Familiarity with Okta and Keycloak preferred.
• Secure Coding: Should be proficient in secure coding practices, training teams, and developing standards to prevent vulnerabilities like injection flaws, XSS, and authentication issues.
• Governance, Risk, & Compliance (GRC): Must have a strong grasp of GRC frameworks (e.g., NIST, SOC2, ISO 27001, Cyber Essentials etc) and experience in aligning technical controls with regulatory and audit requirements.
• Threat Management: Requires expertise in performing risk assessments, threat modeling, vulnerability assessments, and mitigation planning to address security risks.
• Incident Response & Monitoring: Should have knowledge of incident response strategies, SOC collaboration, and implementing continuous monitoring tools to ensure compliance and security standards.
• Collaboration & Leadership: Must demonstrate the ability to work with cross-functional teams, mentor junior engineers, and act as a subject matter expert in security technologies, tools, and frameworks.

Requirements

• Deep understanding of security standards and frameworks such as NIST, ISO 27001, CIS Controls, and industry compliance regulations (GDPR, HIPAA, PCI-DSS).
• Hands-on experience with security tools such as IDS/IPS, SIEM, vulnerability scanners, and penetration testing platforms.
• Experience with cloud platforms (AWS, Azure, GCP, OCI or Alibaba) and securing cloud-native applications.
• Proficiency in programming languages (e.g., Python, Java, C++) and automation tools (e.g., Terraform, Ansible).
• Strong knowledge of networking protocols, firewalls, VPNs, proxies, and security monitoring tools.
• 5+ years of relevant experience in security engineering and GRC-focused security solutions development.
• Extensive hands-on experience in DevSecOps, integrating security in CI/CD pipelines, and supporting development teams in secure coding practices.
• Proven expertise in cryptography, including encryption, key management, and digital signatures.
• Strong background

As a global leader in PR, marketing and social media management technology and intelligence, Cision helps brands and organizations to identify, connect and engage with customers and stakeholders to drive business results. PR Newswire, a network of over 1.1 billion influencers, in-depth monitoring, analytics and its Brandwatch and social media platforms headline a premier suite of solutions. Cision has offices in 24 countries throughout the Americas, EMEA and APAC. For more information about Cision's award-winning solutions, including its next-gen Cision Communications Cloud, visit and follow @Cision on Twitter.

Cision is committed to fostering an inclusive environment where all employees can be their authentic selves and perform at their best. We believe diversity, equity, and inclusion is vital to driving our culture, sparking innovation and achieving long-term success. Cision is proud to have joined more than 600 companies in signing the CEO Action for Diversity & Inclusion pledge and named a "Top Diversity Employer" for 2021 by

Cision is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other protected statuses.

Cision is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Cision will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact

Please review our Global Candidate Data Privacy Statement to learn about Cision's commitment to protecting personal data collected during the hiring process.