Information Security Engineer

About The Position

Requirements

• Minimum of 5 years’ security experience, including implementation and management of security controls, vulnerability management, and investigations.
• Deep knowledge and experience with Microsoft 365 Security and Compliance tools and Azure Sentinel required.
• Demonstrated ability to prioritize and manage multiple workloads efficiently, and communicate effectively with diverse teams and stakeholders to ensure timely and successful completion of security initiatives.
• To conform to U.S. Government technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., or protected individual as defined by 8 U.S.C 1324b(a)(3).

Nice To Haves

• Specific experience with Microsoft Purview (MIP, DLP, DSPM) strongly preferred.
• Bachelor's degree in Information Security (or related field) and/or relevant certifications (e.g., Security+, Microsoft Cybersecurity Architect Expert, CMMC Certified Professional, CISSP) preferred.
• Specific experience administering and securing complex multi-forest Active Directory and multi-cloud (AWS, Azure, & GCP) environments preferred.
• Background supporting security and compliance initiatives in the manufacturing and/or defense industries preferred.
• Understanding of security frameworks and standards, specific experience with NIST SP 800-171 and other 800-series publications preferred.

Responsibilities

• Design, implement, and manage security controls, leveraging Microsoft 365 E5 Security and Compliance and Azure.
• Analyze systems and networks for compliance with Re:Build policy, industry standard methodologies and regulations.
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security risks.
• Fully leverage Microsoft Sentinel, increasing observability and monitoring, promptly responding to, and tuning alerts to mitigate threats, minimize impact, and reduce noise.
• Collaborate with IT and other departments to ensure security is integrated into all aspects of the organization's infrastructure and processes.
• Stay up-to-date with the latest security trends, threats, and technologies to continually improve the organization's security posture.
• Assist in the development and execution of business impact assessments, incident response plans and disaster recovery procedures with collaborators across Re:Build.
• Work with Security and IT personnel to prepare and manage Information Assurance documentation including System Security Plans (SSPs) and Plans of Action & Milestones (POA&M).
• Lead root cause analysis on security incidents and provide recommendations for containment and remediation.
• Prepare and present regular reports on key performance indicators, security metrics, and incidents to senior management.
• Evangelize information security and foster a security culture.

Benefits

• Every employee of Re:Build will share ownership in the company and will share in the financial rewards of the success we achieve together, at all levels of the company!