Sr Information Security Engineer

Responsibilities

• The Senior Information Security Engineer is responsible for implementing and managing a comprehensive security program to protect our organization’s data and systems from cyber threats. They will work closely with other members of the IT team to ensure the security of our infrastructure, applications, and data.
• Identify and define system security requirements across on-premises, hybrid, and cloud environments, translating business and regulatory needs into actionable technical security controls and standards. (10%)
• Design security architectures and develop detailed cybersecurity designs for infrastructure, applications, and cloud services, including identity, network segmentation, logging, monitoring, and privileged access models. (5%)
• Prepare, maintain, and document standard operating procedures, technical standards, and security protocols, including cloud security baselines, privileged access workflows, and incident response runbooks. (10%)
• Configure, manage, and troubleshoot security infrastructure tools and platforms, including identity and access management, Privileged Access Management (PAM), cloud security services, and security monitoring solutions. (10%)
• Develop and engineer technical security solutions to mitigate risk and improve operational efficiency, with a strong focus on:
  • Privileged Access Management (vaulting, session management, just‑in‑time access, secrets management)
  • Cloud security controls for IaaS, PaaS, and SaaS environments
  • Automation of repeatable security tasks using scripting, orchestration, and Infrastructure as Code (15%)
• Collaborate closely with IT and Information Security teams (infrastructure, cloud, application, and Dev Ops) to ensure security controls are consistently implemented across systems, applications, data, and cloud platforms. (10%)
• Monitor emerging cybersecurity threats, attack techniques, and industry trends, assessing impact to the organization and recommending enhancements to tooling, architecture, and security posture. (5%)
• Provide technical guidance and hands‑on support to IT teams on security best practices, secure design patterns, cloud security architecture, and privileged access controls. (10%)
• Prepare and present project status, risk updates, and security initiatives to leadership, clearly communicating technical concepts and risk‑based recommendations. (5%)
• Lead and mentor junior security engineers, providing technical direction, design reviews, knowledge sharing, and support for skill development and career growth. (10%)
• Provide “Person in Charge” (PIC) coverage when on rotation, acting as the senior escalation point for complex security issues, incidents, and operational decisions. This responsibility is factored into base salary. (5%)

• 5 years experience as a Cloud Security Engineer, Information Security Engineer, or Dev Sec Ops  Engineer
• 5 years experience with network, cloud, and computer system security, including security mechanisms such as user access controls, role-based access control, SSO, file permissions, firewall policies, and audit logs.
• 5 years experience in security systems, including firewalls, intrusion detection systems, endpoint protection systems, web application firewalls, vulnerability scanning software, privilege access management, data loss protection, log management, content filtering.
• 5 years experience in developing and deploying security solutions to defend against advanced cyber threats.
• 5 years experience in reviewing and monitoring security systems to ensure they are functioning properly and securely.
• 5 years experience with investigating intrusion incidents, conducting investigations and handling security incidents.
• Bachelor’s degree in Computer Science, Information Security, Information Technology or related discipline.
• CISSP, CISM, Azure Security Engineer, or similar certification.
• The Company is an equal employment opportunity employer.

Sponsorship not Offered for this Role.