Information Security Engineer

ExostarCincinnati, OH
Remote

About The Position

This individual will serve as an Information Security Engineer and member of the Exostar Information Security Office. This individual will report to the Intelligence & Operations Manager and be focused on a diverse set of information security functions supporting a highly secure suite of services for our Aerospace and Defense and Life Sciences customer base. The ideal candidate will have a general background in multiple areas of information security and system/network operations.

Requirements

  • 7+ years of experience in information security.
  • Strong background in security operations, incident response, threat detection, and monitoring.
  • Demonstrated experience securing Azure and Microsoft 365 environments in regulated or enterprise contexts.
  • Experience with Multi-vendor environments including Windows Domains, Active Directory, and Linux-based environments.
  • Experience using on-premise and Azure cloud-native security tools (e.g. IDS, Firewalls, Splunk, Sentinel, Defender, EDR/NGAV, SIEM, vulnerability scanners, legacy and next-generation antivirus, email filtering, DLP, software whitelisting).
  • Scripting and query language knowledge (Python, Splunk Query Language, KQL).
  • Security Monitoring and Intrusion Detection (e.g. Log correlation and analysis, Incident Response, Forensics).
  • Vulnerability Scanning and Remediation (Infrastructure, Application, and Database).
  • Information Security Threat/Risk Assessment.
  • Demonstrated ability to understand and respond to complex business requirements.
  • Demonstrated ability in strong verbal and written communication skills to interface with technical and business stakeholders.
  • U.S. Citizens only- Due to customer requirements, U.S. Citizenship is required. Ability to gain and maintain Trusted Role is required.

Nice To Haves

  • Scripting and Querying Experience (Python, PERL, Ruby, Bash, SQL, KQL).
  • Experience with Data Loss Prevention (DLP) and Whitelisting processes and tools.
  • Identity Federation Technologies (SAML, etc.).
  • Business Continuity and Disaster Recovery planning.
  • Data Loss Prevention (DLP).
  • Data Labeling and Information Rights Management.

Responsibilities

  • Monitoring, triaging, deployment, and administration of security operation tools (ex. EDR, AV, email filtering, DLP, vulnerability scanners, and whitelisting).
  • Ability to import and manage IOCs from various threat sources.
  • SIEM administration and engineering, including refining and building dashboards, managing ingest sources and licensing, monitoring for incidents and operational events, health of indexers and deployment agents, and deploying new infrastructure.
  • Perform Azure security monitoring including review, triage, and respond to Defender, Azure Monitor, and AAD alerts.
  • Threat intelligence research support including notification on emerging threats and providing timely threat data in Exostar format.
  • Vulnerability management support using scanning tools such as Tenable/Web application scanners, communicating results to stakeholders, and supporting remediation activities.
  • Threat hunting including adhoc monthly and formalized quarterly exercises with reporting. Threat hunting exercises are performed with relevance to the industry and security landscape.
  • Proofpoint monitoring and email filtering including mailbox user sync, review, release of legitimate emails from quarantine, reviewing inbound Spam and CIRT emails from the user population.
  • Security engineering, consisting of maintaining FIM agents, legacy antivirus health/alert monitoring, triaging alerts, false positives, and true positives.
  • Advise on procurement for new solutions which support Exostar’s Security Tools Suite.
  • Provide IR escalation support, consisting of "Tier 2-3" incident response and forensics capabilities leveraging industry-standard methodologies (e.g., US-CIRT, NIST, MITRE) and tools.
  • Support with miscellaneous documentation tasks including the compilation of threat metrics, drafting SOPs, and providing Executive-level status reports.
  • Audit and Compliance support, including assistance with providing artifacts demonstrating security control implementation, answer questions and customer questionnaires, and performing monthly User Account Reviews.
  • Perform Configuration Management support for product teams and conduct Change Control review.

Benefits

  • employee development
  • promote internally
  • training and educational assistance
  • comprehensive benefits
  • flexible time off plans
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service