Security Engineer

About The Position

Requirements

• Demonstrates strong ownership and accountability for assigned responsibilities.
• Proactively identifies opportunities to improve security controls and processes.
• Operates effectively in ambiguous environments and makes sound, risk-informed decisions.
• Maintains a collaborative mindset focused on enabling the business securely.
• Communicates clearly and professionally with both technical and non-technical stakeholders.
• Ability to collaborate effectively with IS, application owners, vendors, and business stakeholders.
• Strong analytical and problem-solving skills, with the ability to assess complex security issues.
• Ability to manage multiple priorities and deliver work in a structured and timely manner.
• Strong written and verbal communication skills, including the ability to document standards, processes, and configurations.
• Ability to influence stakeholders and drive adoption of security controls and standards.
• Solid understanding of core security principles such as authentication, authorization, least privilege, and system hardening.
• General familiarity with enterprise IT environments across operating systems, networks, and cloud platforms.
• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field, or equivalent practical experience.
• 5+ years of experience in security engineering or a related field.
• Demonstrated depth in at least one security domain (e.g., identity, detection and response, endpoint, network, cloud, application, or data security), with working exposure across multiple domains and the ability to adapt to new practice areas over time.
• Experience designing, implementing, and supporting security controls in enterprise environments.
• Experience working with security technologies such as endpoint protection platforms, logging and monitoring solutions, access control systems, and cloud security configurations.
• Experience investigating, troubleshooting, and resolving complex security issues across systems and platforms.
• Experience collaborating with cross-functional teams to reduce risk and improve security posture.

Nice To Haves

• Relevant certifications such as CISSP, CISM, or similar are preferred but not required

Responsibilities

• Implement, manage, and improve security controls across one or more domains, including identity, endpoint, detection and response, network, cloud, application, or data security.
• Investigate security alerts, events, and incidents; support containment, remediation, and post-incident improvements.
• Develop, tune, and maintain detection logic based on system, user, and network activity.
• Identify security gaps, misconfigurations, and exposure risks; recommend and implement corrective actions.
• Implement and manage authentication and authorization controls.
• Support identity governance processes, including access reviews and lifecycle management.
• Enhance controls for privileged and non-human identities.
• Identify, prioritize, and track remediation of vulnerabilities across systems and platforms.
• Partner with IS and engineering teams to drive timely remediation and risk reduction.
• Improve vulnerability scanning coverage, prioritization, and reporting processes.
• Secure cloud environments and SaaS platforms through configuration review and monitoring.
• Support network security controls such as segmentation, remote access, and traffic analysis.
• Identify and remediate application security risks across the software development lifecycle.
• Support implementation of controls to protect sensitive data across storage, transmission, and processing workflows.
• Maintain security standards, control requirements, and technical guidance within assigned practice areas.
• Define and validate security requirements, deliverables, and acceptance criteria for initiatives impacting the practice domain.
• Support security scoping and risk assessments for enterprise initiatives.
• Track security-related milestones and escalate material deviations from standards when necessary.
• Develop and maintain metrics related to control maturity, risk posture, and initiative progress.
• Provide regular reporting and insights to security leadership and stakeholders.

Benefits

• Reimbursement for educational programs
• Participation in events that enhance skills
• Generous compensation and benefits package
• 401K