Information Security Engineer

About The Position

Requirements

• 5+ years of experience in Information Security, Security Engineering, or Security Operations roles within a SaaS or cloud-centric environment
• Hands-on experience supporting incident response and investigations, including building/using runbooks and participating in post-incident reviews
• Experience implementing and operating security controls and security tooling across endpoints, SaaS applications, and cloud environments
• Working knowledge of cloud security fundamentals (AWS, Azure, or GCP), identity/access concepts (SSO, MFA, RBAC), and modern security best practices
• Ability to collaborate effectively with technical teams (DevOps, Engineering, Observability, AppSec) to drive remediation and measurable risk reduction
• Familiarity with vulnerability and risk concepts (CVEs, prioritization, remediation tracking), even if not the program owner
• Strong documentation habits and an operational mindset (clear processes, repeatability, auditability)
• Due to FedRAMP requirements, candidates must be a U.S. Person

Nice To Haves

• Experience in compliance-driven environments (FedRAMP, GovRAMP, SOC 2, ISO 27001, NIST 800-53) and supporting evidence collection/operational readiness
• Experience with EDR, email security, and/or SaaS security controls (tooling specifics vary)
• Experience with identity security workflows (access reviews, privileged access processes, conditional access patterns)
• Scripting/automation experience (Python, Bash, PowerShell) and comfort integrating systems via APIs
• Exposure to detection engineering, threat intelligence workflows, or SOAR-style automation (without needing to be the SIEM/platform owner)
• Experience in cybersecurity or high-scale SaaS organizations

Responsibilities

• Support and execute security incident response activities, including triage, investigation support, containment coordination, lessons learned, and corrective action tracking
• Develop and maintain incident response playbooks, runbooks, and escalation paths; participate in and help run tabletop exercises
• Operate and improve enterprise security controls and tooling (e.g., endpoint protection/EDR, SaaS security controls, email security, access control workflows), ensuring reliable configuration and ongoing effectiveness
• Partner with Observability Engineering to ensure security-relevant telemetry is available for investigations and response (without owning SIEM/telemetry platform administration)
• Partner with Vulnerability Management to drive remediation execution, validate fixes where appropriate, and reduce repeat findings through hardening and control improvements
• Coordinate security investigations with DevOps, IT, and Engineering teams; track actions through to closure and document outcomes
• Support access governance and least-privilege initiatives, including periodic access reviews, privileged access workflows, and secure authentication controls
• Create and maintain security documentation for processes, controls, and operational procedures to enable consistency across teams and geographies
• Assist with security control evidence and operational readiness activities for compliance frameworks (e.g., SOC 2, ISO 27001, FedRAMP/GovRAMP, NIST 800-53) in partnership with Compliance and platform teams
• Identify opportunities for automation to improve security operations efficiency (ticketing workflows, control checks, integrations, scripting)

Benefits

• Medical, Dental & Vision (inclusive of domestic partnerships)
• Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
• Voluntary Short/Long Term Disability Insurance
• 401K (Roth/Traditional)
• A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc)
• Above market annual bonuses