Security & Compliance Engineer

About The Position

Requirements

• 5-10 years of experience in IT systems engineering with a focus on security and compliance
• Advanced knowledge and hands-on experience in infrastructure configuration, including server and network setup and hardening
• Strong understanding of security frameworks and compliance standards (NIST, ISO 27001, CIS Controls, etc.)
• Proficiency with security tools such as firewalls, IDS/IPS, SIEM, vulnerability scanners, and endpoint protection solutions
• Experience with Windows and Linux server administration and hardening
• Knowledge of network protocols, routing, switching, and network security best practices
• Familiarity with cloud security (AWS, Azure, or GCP) and identity and access management (IAM)

Nice To Haves

• Relevant certifications such as CISSP, CISM, CEH, GCIH, Security+, or equivalent
• Experience with automation and scripting (PowerShell, Python, Bash) for security tasks
• Knowledge of container security (Docker, Kubernetes) and DevSecOps practices
• Experience conducting compliance audits and working with external auditors
• Strong analytical and problem-solving skills with attention to detail
• Excellent communication skills with the ability to explain complex security concepts to technical and non-technical stakeholders
• Proactive mindset with a commitment to continuous improvement and learning
• Ability to work independently and collaboratively in a fast-paced environment
• Strong ethical standards and commitment to maintaining confidentiality

Responsibilities

• Conduct cybersecurity and compliance assessments or related tasks for ongoing customer engagements
• Coordinate and schedule project tasks
• Coordinate and lead customer-facing meetings, interviews, and walkthroughs
• Review and interpret results of scans, interviews, and walkthroughs
• Produce consistently high-quality reports and associated deliverables
• Configure and deploy security tools for on-prem and cloud infrastructure
• Vulnerability scanning solutions
• Security and/or compliance framework control tools
• Active Directory auditing tools
• Audit secure infrastructure configurations across on-premises and cloud environments, including firewalls, networks, servers, and endpoints
• Assess and maintain evidence for compliance readiness with relevant frameworks and regulations (e.g., NIST, ISO 27001, HIPAA, SOC 2, PCI-DSS)
• Facilitate ongoing collaboration with customer IT leaders and teams to integrate security into system design, operations, and compliance-driven objectives
• Research and stay current with emerging security threats, technologies, and compliance requirements
• Provide resolution confirmation, proper documentation, and closure of incident tickets into ConnectWise.
• Maintain documentation for security configurations, compliance audits, and incident response procedures
• Assist in the development of, and ensure adherence to, TTx Standard Operating Procedures and best practices.
• Assist with Client Account Reviews for assigned clients, providing necessary documentation and input to Director of Technology and Cybersecurity.