Information Security Engineer III

About The Position

Requirements

• You have a Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• You have a minimum of 3–5 years of experience in core security principles across multiple domains, including identity and access management, cryptography, and network security protocols (e.g., TLS, SSH), as well as secure coding fundamentals.
• You have hands‑on experience applying security frameworks like NIST SP 800‑53 and CIS Benchmarks to harden systems and ensure compliance with best practices, as well as evaluating system configurations against these standards.
• You are proficient in scripting and automation (e.g., Python, PowerShell, or Terraform) to streamline security operations. This includes creating scripts or using IaC for automated patch management, secure‑default environment buildouts, and continuous compliance checks.
• You have demonstrated experience in performing security analysis and solving complex problems.
• You have excellent teamwork skills, with the ability to work cross‑functionally and communicate effectively.
• You can mentor junior team members or interns by sharing knowledge and best practices.

Nice To Haves

• You have professional certifications that demonstrate security knowledge, such as CompTIA CySA+, GSEC, AWS Solutions Architect – Associate, or Azure Security Engineer Associate a plus.

Responsibilities

• Own and drive small to medium security projects or work‑streams that enhance the organization’s defenses.
• Conduct advanced threat modeling and in‑depth risk assessments for complex systems to uncover vulnerabilities and drive implementation of secure design patterns or automated controls to mitigate these risks.
• Ensure that configurations align with security policies and that new systems are built with secure defaults.
• Work with software engineers and system owners to prioritize and remediate complex, multi‑service vulnerabilities and misconfigurations.
• Drive strategic security planning and governance by developing and refining security policies, standards, and reference architectures that incorporate industry best practices and address emerging threats.
• Collaborate with senior leadership and cross‑functional teams to ensure security initiatives and roadmaps align with business objectives and compliance requirements.
• Work closely with cross‑functional teams — including DevOps, IT operations, software development, and product management — to embed security into every stage of system development and deployment.
• Translate security findings into actionable tasks for others and follow up to ensure these are implemented.
• Provide technical leadership through activities such as code reviews, design consultations, and hands‑on training sessions, guiding team members in solving complex security challenges and promoting best practices.
• Collaborate with senior leadership and cross‑functional teams to ensure security initiatives and roadmaps align with business objectives and compliance requirements.
• Perform additional responsibilities as assigned.

Benefits

• competitive salary, bonuses and benefits
• company-funded retirement contribution will factor in salary and variable pay, including bonuses
• generous time-away and health benefits from day one, with the opportunity for flexible work options
• Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love
• Access on-demand professional development resources that allow you to hone existing skills and learn new ones
• eligible for an individual annual performance bonus, plus Capital’s annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings