Engineer, Information Security

About The Position

Requirements

• Strong knowledge of information security principles, practices, and technical safeguards.
• Working knowledge of security technologies such as firewalls, endpoint protection, vulnerability management tools, VPN solutions, email security platforms, logging and monitoring tools, identity and access controls, and encryption technologies.
• Ability to analyze alerts, logs, events, and technical findings to identify potential threats, control gaps, or remediation needs.
• Strong understanding of secure configuration, system hardening, least privilege, defense in depth, and risk reduction concepts.
• Ability to assess vulnerabilities and security weaknesses and support practical remediation efforts.
• Strong troubleshooting, analytical, and problem-solving skills with attention to detail.
• Strong written and verbal communication skills, with the ability to work effectively across technical and non-technical teams.
• Strong interpersonal skills and the ability to collaborate with internal stakeholders, external partners, vendors, auditors, and assessors.
• Strong organizational and time management skills, with the ability to manage multiple priorities and follow tasks through completion.
• Ability to adapt to evolving threats, technologies, and business requirements in a fast-paced environment
• Five or more years of experience in information security, cybersecurity, infrastructure security, or a related technical field.
• Experience implementing, administering, or supporting enterprise security technologies and controls.
• Experience with security monitoring, vulnerability management, endpoint security, secure configuration, incident response support, or related security operations and engineering functions.
• Experience partnering with IT, infrastructure, cloud, or platform teams to implement or improve security controls in production environments.
• Bachelor’s degree in Computer Science, Information Technology, Information Security, Cybersecurity, or a related field is preferred.
• Demonstrates professionalism, sound judgment, and accountability in the handling of security matters.
• Maintains a high degree of integrity and discretion when working with sensitive systems, information, and incidents.
• Able to work independently while also contributing effectively within a team environment.
• Demonstrates a proactive mindset, technical curiosity, and a commitment to continuous improvement.
• Ability to travel up to 5%.

Nice To Haves

• Experience supporting audits, assessments, control validation, or remediation activities is beneficial
• Relevant certifications such as CompTIA Security+, SSCP, GIAC, Microsoft security certifications, or Azure security certifications are beneficial.

Responsibilities

• Design, implement, administer, and maintain technical security controls across endpoint, network, identity, cloud, and infrastructure environments.
• Support the configuration, administration, and optimization of security technologies, including endpoint protection, email security, firewalls, VPN, logging, monitoring, vulnerability management, and related platforms.
• Monitor security events, alerts, and control health to identify issues, investigate suspicious activity, and support response and containment efforts.
• Partner with IT and infrastructure teams to implement secure configurations, system hardening measures, and technical safeguards aligned with organizational security standards.
• Perform technical security assessments, configuration reviews, and vulnerability analysis to identify control gaps and improvement opportunities.
• Support vulnerability remediation by validating findings, helping prioritize risk, and coordinating with system owners on corrective actions.
• Review penetration testing and security assessment results and help drive remediation planning and closure tracking.
• Assist with security incident response activities, including investigation, containment support, documentation, and follow-up actions.
• Contribute to the development, maintenance, and continuous improvement of security standards, technical baselines, procedures, and engineering documentation.
• Support identity and access security efforts, including authentication controls, privileged access protections, and least-privilege design principles.
• Collaborate with cloud, infrastructure, workplace, and application teams to integrate security requirements into operational and technical processes.
• Support audit and compliance activities by helping provide technical evidence, validating control operation, and addressing control gaps where needed.
• Work with vendors and external partners to support the secure implementation and operation of security technologies and services.
• Stay current on evolving threats, attack techniques, vulnerabilities, and security technologies, and recommend improvements as appropriate.
• Perform other duties as assigned.