Information Security Engineer

Overview

Knowledge Business Services (KBS) is a leading multidisciplinary organization supporting software, professional services, and cybersecurity solutions across regulated government and commercial markets. KBS provides shared services and governance for multiple operating entities, including Knowledge Services, RAMPquest, RAMPxchange, dot Staff, and other mission-focused business units.

KBS is seeking an Engineer, Information Security to join our growing Information Security team. This role reports to the Manager, Information Security (Corporate) and is responsible for designing, implementing, and maintaining the technical security controls that protect corporate systems, cloud infrastructure, and enterprise data.

The Information Security Engineer will work hands-on with modern security technologies in a Microsoft/Azure environment, including SIEM and monitoring platforms, endpoint protection, secure web gateways, and cloud-native security controls. The ideal candidate is technically strong, proactive, and motivated to improve security posture while supporting compliance and operational resilience.

Information Security Engineer Responsibilities:

Security Engineering & Control Implementation

• Design, implement, document, and maintain technical security controls across corporate environments
• Support secure configuration and management of security platforms including Microsoft Defender, Azure Sentinel (SIEM), Trellix, Cisco Umbrella, and related tools
• Develop implementation guidance for security controls identified in System Security Plans (SSPs) and compliance requirements
• Recommend improvements to security architecture, policies, procedures, and baseline configurations

Monitoring, Detection, and Incident Response

• Monitor corporate networks and systems for security issues and suspicious activity
• Analyze security event data and reports generated by threat monitoring systems
• Coordinate investigation and response activities for security incidents, including
  • Incident documentation
  • Impact and damage assessment
  • Communication and escalation support
  • Corrective action execution and follow-up
  • Participate in proactive testing to identify unknown vulnerabilities and strengthen defenses

Vulnerability Management & Remediation

• Conduct vulnerability scanning, compliance scanning, and remediation tracking
• Resolve detected vulnerabilities and misconfigurations to maintain a strong security posture
• Support web application and infrastructure vulnerability testing efforts

Cross-Functional Collaboration

• Work closely with IT and Development teams to secure new infrastructure, applications, and product environments
• Provide guidance to Information Security Analysts and other team members