Security Engineer

Position

Description:

Reporting to the Director of Information Security, the Security Engineer is a hands‑on security professional responsible for ensuring security throughout the SDLC, implementing security controls, and maintaining operational security for our client’s information systems.

• Provide oversight and assess security controls for IaaS, PaaS, and SaaS services, collaborating with system integrators and client teams to deliver secure and scalable solutions.
• Oversee and lead the implementation of security solutions; develop technical and reference architectures throughout project life cycles.
• Act as a subject‑matter expert on IAM and cloud technologies, recommending secure infrastructure and raising risks in a timely manner.
• Develop security requirements for complex internet‑facing applications and associated infrastructure components.
• Assess and review end‑to‑end secure integrations, including web services and APIs.
• Monitor information systems for security incidents and vulnerabilities; develop monitoring and visibility capabilities; report on incidents, vulnerabilities, and trends.
• Analyze threat trends, advisories, and changes in threats; conduct security assessments with risk‑mitigation plans.
• Review vulnerability management reports and collaborate with technical stakeholders on remediation.
• Respond to information system security incidents, including investigation, countermeasures, and recovery from attacks, unauthorized access, and policy breaches.
• Support incident response infrastructure and cyber‑intelligence platforms.
• Initiate, facilitate, and promote security awareness training to foster information security awareness across the organization.
• Develop, maintain, and enforce operational and compliance dashboards and reporting tools.
• Document and review system‑related information security plans and act as liaison to the Information Systems Department.
• Mentor junior staff, providing guidance on daily job assignments and career development.
• Lead and direct team initiatives, ensuring project delivery aligns with business objectives and regulatory requirements.

• Bachelor’s or Master’s degree from an accredited institution or equivalent work experience.
• 6–8 years of experience as an Information Security Analyst/Engineer, with extensive system design and security engineering in both cloud and on‑prem environments.
• Strong knowledge of secure design, identity and access management, and IAM best practices.
• Hands‑on experience with IAM solutions (e.g., SSO, MFA, privileged access management).
• Experience with authentication standards and technologies such as Azure AD, Okta, Azure AD B2C, and Microsoft Identity Governance.
• Proficient with vulnerability management, DLP, and security monitoring tools.
• Professional certifications such as Security+, CEH, CCSP, or CISSP preferred.
• Excellent communication, presentation, and documentation skills.
• Deep understanding of regulatory requirements (HIPAA, NIST CSF, ISO, HITRUST, PCI).
• Ability to manage multiple priorities in a fast‑paced, high‑pressure environment.
• Commitment to confidentiality, integrity, and accountability when handling sensitive data.

• Additional certifications (e.g., GSEC, CISA, CISM, CRISC, SSCP).
• Experience with Azure solutions architecture, Microsoft Azure Architect, and Azure AD Architect technologies.
• Knowledge of CASB, SOAR, and other advanced security orchestration tools.
• Programming experience in one or more languages such as Python, Java, C++, or JavaScript.
• Experience with scripting (Power Shell, Bash, Perl) and database technologies (SQL, LDAP).
• Proficiency in security vulnerability scanning tools (e.g., Qualys, Nessus).
• Strong data‑analysis and network monitoring skills for cloud and endpoint data.
• Prior experience in a hybrid or remote workforce environment.

• Pay Range: $65.00–$72.00 per hour (contract‑to‑hire).
• Benefits (subject to eligibility): medical, dental, vision, critical illness, accident, hospital, 401(k) plan (pre‑tax and Roth), voluntary life & AD&D, short & long‑term disability, HSA, transportation benefits, employee assistance program, PTO and vacation.

Hybrid position based out of Columbia, MD: 4 days onsite (moving to 3 days once acclimated). Contract‑to‑hire until permanent placement.

The company is an equal‑opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information, or any characteristic protected by law.