Job Title: Software Cybersecurity Engineer for Flash AI
Location: Central Ohio and Virtual
Job Type: Full-Time, contract
Company Description:
FLASH AI leverages advanced AI technology to enhance the investigative process, providing tools for real-time video analysis, document automation, and streamlined case management. FLASH aims to be the “new DNA” of law enforcement investigations. FLASH improves efficiency and precision in uncovering the truth during investigations.
Position Overview:
We are seeking a highly skilled and motivated Cybersecurity Software Engineer to lead and maintain the security infrastructure of our police investigation assistant platform. This AI-driven solution integrates sensitive law enforcement data, evidence management, and advanced retrieval-augmented generation (RAG) technology hosted on AWS GovCloud. As a Cybersecurity Software Engineer, you will ensure our platform adheres to CJIS compliance, safeguard sensitive evidence and metadata, and mitigate cybersecurity risks. This is a mission-critical role with a significant impact on public safety and law enforcement collaboration.
Key Responsibilities:
1. Security Architecture Design
- Develop and implement security frameworks to ensure compliance with CJIS standards for data encryption, access control, and physical security.
- Architect secure AWS GovCloud environments for S3, DynamoDB, and Elastic Container Registry (ECR) integrations.
- Design VPC architectures with private subnets, NAT Gateways, and endpoint policies for secure resource access.
2. Data Protection and Compliance
- Enforce encryption at rest and in transit for evidence and metadata using FIPS 140-2 compliant methods.
- Implement bucket policies, IAM roles, and multi-factor authentication (MFA) for access control.
- Maintain secure key management practices using AWS KMS.
3. Monitoring and Incident Response
- Set up and manage logging and monitoring with AWS CloudTrail, Amazon CloudWatch, and AWS Security Hub.
- Develop and test incident response plans to handle data breaches, unauthorized access, and other cybersecurity threats.
- Monitor network traffic and application logs for anomalies and intrusion attempts.
4. Vulnerability Management
- Conduct regular vulnerability assessments and penetration testing for all system components.
- Use tools like Amazon Inspector to identify and remediate security vulnerabilities in ECR container images.
- Stay updated on emerging threats and cybersecurity best practices.
5. Data Integrity and Backup
- Implement data backup and disaster recovery strategies for S3 evidence storage and DynamoDB tables.
- Configure and maintain versioning, point-in-time recovery, and immutability settings for critical data.
6. Secure Software Development
- Work closely with developers to implement secure coding practices in chatbot and backend applications.
- Review and approve architecture changes, ensuring alignment with security policies.
7. Compliance and Audits
- Oversee CJIS compliance for all operations, conducting periodic internal and external audits.
- Maintain documentation for AWS resources and compliance standards using AWS Artifact and AWS Audit Manager.
8. Security Training
- Provide training to staff and law enforcement partners on cybersecurity awareness and CJIS policies.
- Develop and distribute guidelines for secure device usage and data handling.
Qualifications:
Education:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field. Advanced certifications or equivalent experience preferred
Experience:
Minimum 5 years of experience in cybersecurity roles, with a focus on cloud environments (preferably AWS GovCloud).
Experience securing law enforcement or public sector platforms is highly desirable.
Certifications (Preferred):
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- AWS Certified Security – Specialty
- Certified Ethical Hacker (CEH)
- Certified Cloud Security Professional (CCSP)
Technical Skills:
- Deep understanding of AWS services, including S3, DynamoDB, ECR, IAM, CloudTrail, CloudWatch, and KMS.
- Proficiency in designing and implementing secure network architectures (VPC, NAT Gateway, etc.).
- Expertise in encryption technologies, vulnerability management, and incident response.
- Experience with compliance frameworks like CJIS, NIST, or ISO 27001.
- Familiarity with logging and monitoring tools like ELK Stack, Splunk, or similar.
Soft Skills:
- Strong problem-solving and analytical skills.
- Excellent communication and documentation skills.
- Ability to work collaboratively with cross-functional teams, including developers, law enforcement personnel, and external auditors.
Why Join Us?
Opportunity to contribute to innovative AI solutions for law enforcement and public safety.
Work in a mission-critical field with a meaningful impact.
Competitive salary and benefits package.
Flexible, remote-friendly work environment.
Job Types: Full-time, Contract
Pay: $30.00 - $35.00 per hour
Compensation Package:
Schedule:
- Day shift
- Monday to Friday
- No nights
- No weekends
Work Location: Hybrid remote in Columbus, OH 43229
