Information Security Engineer

About Ovative Group

Ovative Group is an independent, full‑funnel media, measurement, and creative firm that helps brands such as Best Buy, Domino's, American Eagle, and others transform their media and measurement programs.

We use our proprietary Mar Tech platform, EMRge, to measure businesses holistically and drive sustainable growth.

• Monitor security tooling and alerts across endpoint, cloud, and network environments; triage and escalade as appropriate.
• Perform log analysis and investigation to identify and scope the impact of security incidents.
• Support incident response and business continuity plan execution, including tabletop exercises and post‑incident reviews.
• Support managed detection and response (MDR) partner relationships and act on partner recommendations.
• Participate in root cause analyses for security findings; identify contributing factors and implement permanent fixes.
• Support the growth and innovation driven by generative AI technologies across the business.
• Participate in testing and reviewing new AI vendors and tools.
• Research AI security approaches and recommend AI security tooling and design.
• Provide support and training for security hygiene when using AI tools and frameworks such as spec kit, OWASP Gen AI Security, etc.
• Threat and vulnerability management: monitor threat info feeds; operate and monitor vulnerability scanning tools; track and remediate or document exceptions; prioritize remediation based on risk scoring and asset criticality.
• Coordinate with engineering and IT teams for timely patching and hardening of cloud and endpoint systems.
• Support penetration testing engagements: coordinate logistics, track findings, and drive remediation to closure.
• Administer and tune security tools including SIEM, vulnerability scanners, EDR, and CSPM platforms; build and maintain automation and scripts (Python, Bash, or similar) to streamline security operations and reduce manual toil.
• Evaluate and recommend new security tools in partnership with the Head of Information Security.

• Two‑year or four‑year degree in computer science, information security, technology, or related field; or 3+ years of equivalent experience.
• 2+ years of experience in a security operations, site reliability engineering, or other relevant role.
• Experience with vulnerability management tools and remediation workflows.
• Working knowledge of GCP and/or Azure security services and configurations.
• Familiarity with IAM, secrets management, and network security concepts in cloud environments.
• Proficiency in shell scripting and Python, Type Script, Go, or similar programming languages.
• Experience with modern Dev Sec Ops  practices and technologies (Git Hub, Jira, Confluence).
• Experience operating across cloud‑native security and enterprise productivity environments (GCP, Azure, M365).
• Strong analytical and problem‑solving skills; high attention to detail.
• Ability to communicate and champion security concepts and practices clearly to developers, data engineers, data scientists, and technical and non‑technical leadership.
• Preferred:
  Security certifications (CCSP, CEH, GSEC, GCIH, etc.).
• Experience with IaC tools such as Terraform, Ansible, or Puppet.
• Hands‑on experience with CSPM (Wiz, Lacework, etc.) and SIEM platforms.
• Experience with containerization technologies (Kubernetes, Docker).
• Familiarity with Dev Sec Ops  practices and software development lifecycle.
• Experience securing personal information or other regulated data.
• Exposure to security administration of Big Query, Databricks, or similar data platforms.

• Compensation range $75,000 to $93,000 (inclusive of 15% bonus).
• Base salary, annual bonus, and benefits transparency.
• Health insurance options inclusive of same‑sex partners.
• 401(k) match program.
• Generous paid vacation policy.
• Monthly stipend for mobile phone and data plan.
• Access to all office spaces in MSP, NYC, and CHI and frequent paid travel to Minneapolis headquarters.
• Sabbatical program.
• Charitable giving and time & financial match program.

Ovative is committed to fostering an inclusive environment where everyone can participate and thrive. We do not tolerate discrimination of any kind, including on the basis of race, sexual orientation, gender identity, or gender expression. Our policies reflect this commitment—for example, our medical leave benefits are inclusive of same‑sex partners, ensuring equitable care and support for all families.