Security Engineer (Remote)

About The Position

Requirements

• 5-8 years of experience in an information security role with hands-on technical responsibilities.
• Solid grounding in security operations, including alert handling, incident triage, and log analysis.
• Familiarity with EDR concepts and endpoint security.
• Understanding of Zero Trust and SASE concepts.
• Exposure to DAST, EASM, or external attack surface tooling.
• Sufficient AppSec fluency to review SAST output and have credible conversations about security findings.
• Familiarity with SIEM tooling, monitoring, and response.
• Experience with security awareness platforms (KnowBe4 or similar) is helpful.
• Strong written communication skills for writing findings summaries, coordinating with vendors, and presenting to non-technical stakeholders.

Nice To Haves

• Direct CrowdStrike experience.
• Cloudflare One experience.
• Relevant certifications such as CompTIA Security+, CySA+, PenTest+, or equivalent.
• An offensive security bent; thinking like an attacker even when playing defense.
• Ability to pick up new tools quickly without a perfect spec.
• Experience handling ambiguous situations and making them work.
• Awareness of AI's impact on the security field and how it affects work.

Responsibilities

• Owns endpoint defense holistically, including the human layer, device layer, and network/access layer.
• Manages and operates the security awareness program and phishing simulations, including campaign design, execution, metrics, and follow-through.
• Oversees Endpoint Detection and Response (EDR) operations, including participation in near-term upgrade rollouts.
• Manages Zero Trust network access and DNS security, including operational responsibility for revamped network protections.
• Manages and operates the EASM platform, including continuous monitoring, finding triage, and remediation coordination.
• Coordinates with third-party penetration testing partners, including scoping, logistics, findings review, and remediation tracking.
• Provides oversight for SAST and SCM findings, including understanding findings, pushing back when warranted, and escalating when necessary.
• Monitors and responds to security alerts across the SIEM, EDR telemetry, and related tooling.
• Owns relevant SOC 2 controls and carries a share of the responsibility.
• Participates in vendor evaluations, new tooling assessments, and ad hoc projects as the team grows.
• Ensures access to a private & secure workspace, free from distractions.
• Remains accessible during the assigned work schedule for regular duties and responsibilities.
• Maintains an internet connection with speeds of 5 Megabits down / 3 Megabits up (5mbps/3mbps).

Benefits

• Generous paid holiday schedule, including a full week off for Winter Holiday Shutdown.
• Comprehensive paid time off policies covering vacation, sick days, parental leave, and bereavement leave.
• Medical insurance with a $0 co-pay Telehealth plan.
• Dental insurance.
• Vision insurance.
• Health Savings Account (HSA) with generous employer contributions.
• Flexible Spending Accounts (FSA).
• Company-paid Life Insurance and Accidental Death & Dismemberment (AD&D) coverage.
• Company-paid Short & Long Term Disability coverage.
• Company-paid Employee Assistance Program (EAP).
• Matching 401(k) with immediate full vesting.
• On Demand Pay - access to a portion of earned wages prior to payday with same-day deposit.
• Internet reimbursement.
• Gym reimbursement.
• Work computer equipment provided.
• Employee Events Committee planning fun in-person and virtual events.
• FMG swag.