Senior IT Security Engineer

About The Position

Requirements

• 7+ years of experience in IT systems engineering, security engineering, or a combined role
• Practical experience implementing or supporting cybersecurity compliance frameworks, particularly NIST 800-171 and/or CMMC
• Strong hands-on experience using Jamf to manage macOS environments, including policy creation and enforcement
• Experience administering SaaS platforms such as Google Workspace, Okta, Slack, Zoom, Salesforce, and Box
• Experience managing or securing Linux-based systems (Ubuntu, CentOS) in cloud environments
• Working knowledge of scripting or automation (Bash, Python, or similar)
• Strong understanding of security principles including least privilege, defense in depth, and zero trust
• Experience with vulnerability management, log aggregation, and monitoring/SIEM tools
• Ability to clearly document technical configurations, security controls, and processes
• Proven ability to operate independently, prioritize effectively, and drive initiatives forward with minimal oversight
• Ability to identify gaps and recommend scalable solutions to improve security posture, system reliability and operational efficiency
• Demonstrated ability to balance hands-on operational support with longer-term system and security improvements
• Are able to succeed and thrive in an environment with competing and changing priorities and tight deadlines
• Have track records of and ability to build solid collaborative working relationships, and are proven team players who enjoy a “customer service” orientation to collaboration
• Are committed to embedding equity for all in our internal practices and culture and in our programs in order to live and achieve our mission
• Bring openness and engagement to personal, professional, and organization-wide learning
• Are curious and committed to issues of environmental sustainability
• Are self-starters with excellent attention to detail and a commitment to delivering high-quality work
• Are active learners who independently learn new tools and work processes quickly
• Have excellent written and oral communication skills

Nice To Haves

• Jamf 200, 300, or 370 (Endpoint Security Admin)
• CompTIA Security+
• AWS Certified Security – Specialty
• GIAC Information Security Fundamentals (GISF) or Security Essentials (GSEC)
• ISC2 Certified in Cybersecurity (CC) or CISSP (Associate)
• Certified CMMC Professional (CCP) or NIST 800-171 Implementer
• Google Professional Workspace Administrator

Responsibilities

• Manage VentureWell’s device fleet (macOS, iOS, iPadOS) using Jamf, including configuration profiles, patching, encryption enforcement, and endpoint hardening
• Configure, administer, and secure SaaS platforms including Google Workspace, Okta, Slack, Zoom, Salesforce, Box, and BetterCloud, including integrations and lifecycle management
• Administer and maintain cloud-based systems and services (including AWS), partnering with vendors and internal teams to ensure uptime and security
• Serve as the escalation point for complex technical issues related to SaaS platforms, device management, identity systems, and integrations
• Maintain a transparent, documented SaaS application inventory and support software request review, vetting, and decision documentation
• Develop and maintain SOPs and technical documentation for systems, integrations, and operational processes
• Identify opportunities to improve system architecture, scalability, and reliability across SaaS and cloud environments and lead implementation of those improvements
• Evaluate and recommend new tools, technologies and integrations to enhance system performance, security and operational efficiency
• Drive continuous improvement of IT systems and processes, balancing day-to-day operational support with longer-term optimization initiatives
• Monitor and respond to security alerts, vulnerability findings, and threat intelligence across endpoint, SaaS, and cloud environments
• Perform root cause analysis on security incidents and recommend corrective actions
• Manage endpoint security tooling and monitoring (e.g., Jamf Protect) and integrate telemetry with logging platforms (e.g., Datadog, CloudWatch)
• Lead vulnerability scans, penetration test coordination, and remediation tracking
• Review logs and security reports to identify risks, trends, and required remediation
• Proactively identify security gaps, risks and emerging threats and implement improvements to strengthen VentureWell’s overall security posture
• Continuously enhance monitoring, detection and response capabilities across endpoint, SaaS and cloud environments
• Partner with internal team members to priorities and remediate vulnerabilities based on risk, business impact and organizational priorities
• Support implementation and ongoing maintenance of NIST SP 800-171 and CMMC Level 2 controls
• Maintain and update the System Security Plan (SSP) and Plan of Action & Milestones (POA&M)
• Draft, review, and maintain security policies, standards, baselines, and procedures
• Conduct Security Impact Analyses (SIA) for system changes, integrations, or architectural decisions
• Coordinate evidence collection and support internal and external audits
• Ensure secure configuration baselines are defined, documented, and reviewed on a regular basis
• Identify gaps in existing controls and lead efforts to strengthen and mature VentureWell’s compliance and security frameworks
• Translate compliance requirements (i.e. NIST 800-171, CMMC) into scalable, practical technical and operational solutions
• Drive continuous improvement of documentation, policies and control implementation to support audit readiness and long-term program maturity

Benefits

• 403 (b) with 200% match up to a maximum contribution from VentureWell of 10% when the employee puts in 5% (eligible after one year of service for the match)
• Medical, Dental, and Vision insurance
• $1,000 home office stipend upon hire
• 20 paid vacation days
• 12 paid holidays
• 12 paid wellness days