×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Senior Security Controls Engineer

Job in Meridian, Ada County, Idaho, 83680, USA
Listing for: American Credit Acceptance
Full Time position
Listed on 2026-05-31
Job specializations:
  • Engineering
    Cybersecurity, Systems Engineer
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Position Overview

The Senior Security Controls Engineer designs, implements, and continuously improves technical security controls that reduce risk across on‑premises, cloud, and endpoint environments. This role specializes in hardening, benchmark compliance, configuration risk reduction, compensating controls for non‑patchable vulnerabilities, and control automation  engineer partners with IT operations, platform teams, and risk/compliance to ensure controls are effective, measurable, and audit‑ready.

Reports to: Director of Information Security

Location: Boise,  - Onsite

Employment Type: Full‑time

Travel: 0–10% (as needed for site visits, projects, or audits)

On‑Call: May participate in a rotating on‑call schedule for security engineering support

Key Responsibilities
  • Engineer and maintain preventive and detective controls across endpoints, servers, network, identity, and cloud services (Azure/AWS).
  • Lead configuration hardening initiatives using industry benchmarks (e.g., CIS) and establish secure configuration baselines for common platforms (Windows, Linux, network devices, cloud services).
  • Design compensating controls for vulnerabilities that cannot be remediated through patching (e.g., configuration changes, isolation, access controls, WAF rules, EDR policy tuning, segmentation).
  • Own the technical control lifecycle: control requirements → design → implementation → testing/validation → monitoring → continuous improvement.
  • Develop and maintain control-as-code and automation (Power Shell/Python/Terraform/CI‑CD) to deploy and enforce configurations consistently.
  • Implement configuration compliance monitoring, drift detection, and remediation workflows; integrate with ticketing/ITSM for exception handling.
  • Partner with Vulnerability Management to translate findings into durable mitigations (hardening, compensating controls, secure defaults) and reduce recurring exposure.
  • Collaborate with SOC/IR to improve detections and containment policies aligned to threats and incidents; tune controls based on lessons learned.
  • Produce audit‑ready evidence: control narratives, diagrams, test results, screenshots/exports, and KPI dashboards.
  • Maintain standards, procedures, and runbooks for control engineering; mentor junior engineers and provide technical leadership to cross‑functional teams.
Typical Deliverables
  • Secure configuration baselines and reference architectures for key platforms.
  • Benchmark compliance reporting (coverage, drift, exceptions) with remediation plans.
  • Compensating control designs and validation artifacts for non‑patchable risk.
  • Automation modules/scripts (policy‑as‑code) to deploy or enforce controls at scale.
  • Control test plans, operational metrics, and audit evidence packages.
Required Qualifications
  • 7+ years in security engineering, systems engineering, or infrastructure engineering with a strong focus on security controls and hardening.
  • Hands‑on expertise with Windows and Linux hardening, identity controls, and endpoint security control configuration.
  • Experience implementing benchmark‑based configuration standards (e.g., CIS) and managing exceptions/risk acceptances.
  • Strong understanding of networking fundamentals (segmentation, firewalls, proxies, routing) and how to apply compensating controls.
  • Cloud security controls experience in Azure and/or AWS (IAM, network controls, logging, security services).
  • Proficiency in scripting/automation (Power Shell and/or Python); familiarity with infrastructure as code (e.g., Terraform) preferred.
  • Ability to translate risk into technical control requirements and document controls for audit and compliance purposes.
  • Excellent written and verbal communication; ability to work across infrastructure, application, and governance teams.
Preferred Qualifications
  • Experience with configuration management and compliance platforms (e.g., Intune, Group Policy, SCCM/MECM, Ansible, Chef, Puppet).
  • Experience with vulnerability scanning and exposure management tools (e.g., Tenable, Qualys, Rapid7) and mitigation engineering workflows.
  • Experience tuning EDR policies and implementing detection/response guardrails (e.g., Microsoft Defender for Endpoint, Sentinel One, Crowd Strike).
  • Experience with…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search