The Information Security Engineer is responsible for designing, implementing, and maintaining robust security solutions to protect the organization’s information assets, systems, and networks. This role ensures data confidentiality, integrity, and availability by identifying, assessing, and mitigating security risks across enterprise environments.
Responsibilities
- Design, deploy, and oversee security technologies such as firewalls, intrusion detection and prevention systems, and endpoint protection platforms
- Monitor security infrastructure and respond to security incidents, including investigation, containment, and remediation
- Perform vulnerability assessments and penetration testing; propose and apply effective risk mitigation measures
- Create and maintain security policies, standards, and procedures aligned with regulatory and compliance requirements
- Work with IT and business units to integrate security into system architectures and application development
- Deliver security awareness training and provide guidance to staff on secure practices
- Analyze emerging security threats and assess new technologies to enhance defensive capabilities
- Carry out additional duties as assigned by management
- Adhere to all organizational policies, standards, and security controls
Requirements
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent professional experience
- 3-5 or more years of hands-on experience in information security engineering or cybersecurity operations
- Strong knowledge of security frameworks and standards including NIST, ISO 27001, PCI DSS, HIPAA, and SOC 2
- Experience with security tools such as SIEM, firewalls, IDS/IPS, endpoint protection, DLP, vulnerability management, and cloud security platforms on AWS, Azure, and GCP
- Proficient in scripting or programming languages like Python, PowerShell, or Bash for automation and integration of security tools
- Solid understanding of network protocols, operating systems including Windows, Linux, and macOS, and secure system design principles
- Proven experience in incident response, digital forensics, and threat intelligence analysis
- Familiarity with regulatory compliance requirements and participation in audit processes
- Strong analytical, problem-solving, and communication skills with the ability to explain technical security topics to both technical and non-technical audiences
- Demonstrated commitment to ongoing learning and staying current with evolving threats, technologies, and industry developments
Nice to Have
- Professional certifications such as CISSP, CISM, CEH, GIAC, or CompTIA Security+ are highly preferred
Tech Stack
SIEM, firewalls, IDS/IPS, endpoint protection, DLP, vulnerability management, AWS, Azure, GCP, Python, PowerShell, Bash
Benefits
- Comprehensive benefits package available for full-time or part-time benefit-eligible positions
- Eligibility to participate in the bonus incentive plan
Compensation
The pay range for this position is $79K to $123K per year (pay to be determined by the applicant’s education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data). Bonus incentive plan participation
Work Arrangement
global — Remote
- Respond Readily
- Trust through transparency
- Assume positive intent
- Be real
- Live a growth attitude
- Embrace the reverse golden rule
Additional Information
- Background checks, identity verification, and reference confirmation are conducted as part of the hiring process
- All employees are expected to adhere to information security and privacy policies, procedures, and controls
- For roles at AVP, DIR, VP, Head Of or SVP and above: Serve as a security contact for the business unit, drive adoption and compliance with information security and privacy practices, and act as a liaison with the information security team
- The company is committed to protecting client data and maintaining leading-class security practices
