Information Security Engineer (Remote)
About The Position
The Information Security Engineer is responsible for designing, implementing, and maintaining robust security solutions to safeguard the organization’s information assets, systems, and networks. This role ensures the confidentiality, integrity, and availability of data by proactively identifying, assessing, and mitigating security risks across enterprise environments. The Information Security Engineer collaborates with IT, DevOps, and business teams to integrate security best practices into system architecture, application development, and operational processes. Key responsibilities include conducting vulnerability assessments, penetration testing, and incident response activities; developing and enforcing security policies, standards, and procedures; and ensuring compliance with industry frameworks such as NIST, ISO 27001, HIPAA, and other regulatory requirements. The engineer is expected to stay current with emerging threats, technologies, and trends, and to contribute to continuous improvement of the organization’s security posture. This position requires strong technical expertise in security technologies (e.g., SIEM, firewalls, endpoint protection, cloud security), experience with risk management and remediation strategies, and the ability to communicate complex security concepts to both technical and non-technical stakeholders. The Information Security Engineer plays a critical role in supporting audit and compliance initiatives, maintaining incident response readiness, and fostering a culture of security awareness throughout the organization.
Requirements
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent professional experience)
- 3-5+ years of hands-on experience in information security engineering, cybersecurity operations, or related discipline
- In-depth knowledge of security frameworks and standards (NIST, ISO 27001, PCI DSS, HIPAA, SOC 2, etc.)
- Experience with security technologies: SIEM, firewalls, IDS/IPS, endpoint protection, DLP, vulnerability management, and cloud security platforms (AWS, Azure, GCP)
- Proficiency in scripting or programming languages (Python, PowerShell, Bash, etc.) for automation and security tool integration
- Strong understanding of network protocols, operating systems (Windows, Linux, macOS), and secure architecture principles
- Demonstrated experience in incident response, forensics, and threat intelligence
- Familiarity with regulatory compliance requirements and audit processes
- Excellent analytical, problem-solving, and communication skills; ability to convey complex security concepts to technical and non-technical audiences
- Commitment to continuous learning and staying current with emerging threats, technologies, and industry trends
Nice To Haves
- Professional certifications strongly preferred: CISSP, CISM, CEH, GIAC, CompTIA Security+, or equivalent
Responsibilities
- Design, implement, and manage security technologies (e.g., firewalls, intrusion detection/prevention systems, endpoint protection).
- Monitor security systems and respond to security incidents, including investigation and remediation.
- Conduct vulnerability assessments and penetration testing; recommend and implement mitigation strategies.
- Develop and maintain security policies, standards, and procedures in alignment with regulatory requirements.
- Collaborate with IT and business teams to ensure secure architecture and application development.
- Provide security awareness training and guidance to employees.
- Research and evaluate emerging security threats and technologies.
- Performs other duties as assigned.
- Comply with all policies and standards.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
