Security Engineer II

This is a fully remote position, open to applicants in United States.

📋 Description

• Design and establish security control architectures and reference implementation models in accordance with ISO 27001:2022 standards.

• Engineer and oversee the maintenance of assigned security controls across various domains including Identity, Endpoint, Workloads, and Data.

• Create, sustain, and operationalize security standards, baselines, and reference architectures.

• Conduct threat modeling (STRIDE) and risk assessments for newly developed systems.

• Lead security discovery and integration initiatives for both new and existing environments.

• Proactively seek opportunities for security enhancements and carry out authorized work items.

• Integrate and refine security tools for maximum efficiency.

• Collaborate with Development and Application teams to embed security considerations into the design process.

• Assist with audit and compliance tasks related to ISO 27001:2022.

⛳️ Requirements

• A Bachelor's Degree in computer science, information systems, or a related discipline, or equivalent professional experience.

• Over 6 years of experience in IT.

• At least 3 years in an IT Security or Security Engineering position.

• Strong hands-on knowledge of systems and infrastructure engineering, including Windows/Linux fundamentals, networking, cloud architecture, identity management, and common enterprise services.

• Demonstrated ability to translate security improvements into actionable tasks.

• Experience in cloud security, preferably with Azure.

• Proficient in scripting and infrastructure as code for security automation and control deployment (PowerShell, Terraform, ARM/Bicep).

• Familiarity with a Managed Detection and Response (MDR) or virtual Security Operations Center (vSOC) provider.

• Strong comprehension of Identity and Access Management (IAM) principles and implementations.

• Working knowledge of industry security frameworks and standards such as ISO 27001:2022 (preferred), NIST CSF, CIS Controls, and MITRE ATT&CK.

• Practical experience in implementing security controls within Azure/M365 environments.

🏝️ Benefits

• Health insurance.

• Flexible work arrangements.

• Opportunities for professional development.