Cramium Labs (www.cramiumlabs.com) is a division of CrossBar, Inc. (www.crossbar-inc.com) designing microcontrollers based on ARM M-series and Risc-V CPUs with peripherals including advance security accelerators and countermeasures.

About the Role:

We are seeking a hands‑on Security Operations engineer to build and run our SecOps function. You will embed security controls into our delivery pipelines (cloud‑native, mobile, embedded), automate threat detection and response, and partner closely with Dev, IT, and product teams to harden our products and infrastructure.

Key Responsibilities:

• SecOps Roadmap & Delivery: Define and execute the SecOps roadmap—design, implement, and operate security controls across CI/CD, infrastructure, and applications.
• Pipeline Security: Collaborate with Cloud/Mobile Software teams to integrate DCA/SAST/DAST tools (e.g. Blackduck) into CI/CD and clarify DevOps vs. SecOps responsibilities.
• Embedded & Device Security: Work with the Embedded Software team to deploy and maintain code‑signing, firmware‑deployment tooling, and post‑sale update processes.
• Threat Detection & Response: Configure and operate SIEM/CNAPP platforms (e.g. Google Security Command Center), author alert rules, drive root‑cause investigations, and coordinate remediation.
• Access & Identity Management: Implement and enforce IAM policies, MFA, RBAC; automate user provisioning/de‑provisioning.
• SSO & Access Matrix: Roll out and manage single sign‑on (Okta or equivalent) for all teams, define and maintain a responsibility matrix that enforces least‑privilege access.
• Automation & Tooling: Develop Python/Bash scripts and workflows for vulnerability scanning, patch management, incident response, and drift detection.
• Incident Management: Lead or support incident response, including forensic analysis, containment, and post‑incident reporting.
• Vulnerability Management: Plan and execute regular vulnerability assessments, penetration tests, and risk analyses; track and close findings.
• High Availability & Backup: Automate daily encrypted backups (repos + databases) and maintain a warm‑standby environment for rapid fail‑over.

Requirements:

• Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience.
• 3–7 years in SecOps, DevSecOps, or security engineering roles with strong scripting/coding skills (Python, Bash).
• Proven experience integrating security into CI/CD and Infrastructure as Code (Terraform, CloudFormation, etc.).
• Hands‑on familiarity with SIEM/CNAPP, container security (Docker, Kubernetes), and cloud platforms (GCP, AWS, Azure).
• Solid track record in incident response and vulnerability management.
• Excellent analytical, problem‑solving, and communication skills under pressure.
• Optional certifications: CISSP, CEH, CompTIA Security+, AWS Certified Security – Specialty, CKS.
• Title and compensation dependent on candidate qualifications and experience.

We offer medical, dental, vision, life, AD&D, STD, and LTD insurance programs, 401K Plan, and Paid Time Off. Interested candidates please turn in your resume with your compensation expectation when apply. Crossbar is an Equal Employment Opportunity Employer.