Security Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Conduct Coterie’s regular user access reviews under the guidance of the Principal Security Architect, collaborating with system owners to validate access and eliminate outdated or excessive entitlements across our environments.

• Collect, organize, and verify evidence to facilitate compliance testing and audits, adhering to established protocols to create evidence packets that trace access and modifications from request to approval.

• Manage our privileged access management program with oversight, emphasizing endpoint privilege management, local administrator elevation, least-privilege policies, and just-in-time access on endpoints within approved parameters.

• Assist in time-sensitive, authorized, and reviewed privileged access through Azure Privileged Identity Management (PIM), including role assignments and regular recertification of privileged accounts.

• Assess and respond to security operations alerts from our SIEM and endpoint tools under the mentorship of senior engineers, documenting, escalating, and aiding in the resolution of incidents.

• Oversee the daily administration of our security awareness program, which includes developing, scheduling, and reporting on phishing simulations and assigning follow-up training.

• Adhere to and uphold the procedures, standards, and documentation established by the team for access reviews, privileged access, and related security operations workflows.

• Employ a risk-based approach in daily activities and identify pain points, proposing continuous improvement ideas for these programs and processes.

• Collaborate with IT operations, engineering, and compliance teams to address access and process gaps and enhance Coterie’s security posture.

• Undertake additional security operations tasks that support the team, such as detection tuning, tracking vulnerability remediation, and evaluating tools, as instructed and as priorities evolve.

⛳️ Requirements

• 3–5 years of experience in security operations, identity/access administration, or a related technical field.

• Familiarity with cloud-native enterprise services.

• Strong understanding of identity and access management principles, including authentication, authorization, least privilege, and role-based access control.

• Practical experience with privileged access management, particularly regarding endpoint privilege management (handling local administrator rights and elevation).

• Experience in conducting or supporting access reviews and access certifications, along with the removal of unnecessary access.

• Knowledge of compliance frameworks (e.g., SOC 1, SOC 2, SOX) and assisting in the collection of audit evidence.

• Comfortable assessing alerts from a SIEM or endpoint security tools and following established response protocols.

• Experience managing or supporting a security awareness or phishing simulation platform.

• Proficient in operating established programs and processes under direction while contributing improvement ideas.

• Self-driven, detail-oriented, organized, and capable of managing recurring deadlines across multiple workstreams.

• Excellent written and verbal communication skills, with the ability to document processes clearly.

🏝️ Benefits

• 100% remote work.

• Health insurance through Aetna (we cover 100% of premiums).

• Dental and vision insurance through Guardian (we cover 100% of premiums).

• Basic life insurance (we cover 100% of premiums).

• Access to flexible spending accounts (FSA) or health savings accounts (HSA) for those enrolled in HSA-eligible plans.

• 401K plan with a 4% match and immediate vesting. Participants must be 21 years of age or older.

• Flexible PTO policy allowing employees up to 4 weeks of PTO in the first 12 months. After that, PTO usage aligns with company standards and usually does not exceed 5 weeks per calendar year.

• 12 company-paid holidays each year.

• Annual stipend for continuing education.