Senior Information Security Engineer

About The Position

Requirements

• Bachelor’s Degree in Computer Science, Information Security, Information Assurance, or related technology field.
• 7+ years of hands‑on experience in enterprise information / cyber security and IT risk management.
• 3+ years of deep expertise in AWS and Azure security, cloud‑native tools, and modern security architectures.
• Strong background in threat modeling, network security, vulnerability management, automation, and secure engineering practices.
• Experience with industry frameworks such as NIST, CIS, PCI DSS, FFIEC.
• Proven experience with regulations, policies, standards and framework pertaining to information and cyber security including PCI DSS standards, FFIEC guidelines on cybersecurity, CIS / NIST framework.
• Proven experience with secure coding standards and best practices; SAST/DAST/IAST tooling; API security; and integration of security controls into CI/CD pipelines (DevSecOps).
• Proven experience with virtualization and container technologies, such as VMware, Citrix Xen, Docker, or Kubernetes.
• At least one relevant certification (CISSP, GIAC, Security+, AWS Security – Specialty, Azure Security Engineer, etc.).
• Ability to influence, partner cross‑functionally, and operate under urgency with sound judgment.

Responsibilities

• Lead complex risk, vulnerability, and purple‑team assessments to identify, validate, and remediate threats.
• Architect secure network, application, data, and cloud environments—covering AWS, Azure, DevSecOps pipelines, and enterprise platforms.
• Drive implementation of security tooling, automation frameworks, EDR/XDR, SIEM, SOAR, and secure configuration baselines.
• Partner with Engineering, Infrastructure, and external vendors to design and validate secure solutions.
• Serve on the Cybersecurity Incident Response Team, leading investigations and post‑incident improvements.
• Create and maintain security policies, training, and best practices, mentoring teams on zero‑trust and security‑by‑design principles.
• Designs, develops, and documents: (1) network security architecture and baseline configuration standards for firewalls, routers, switches, load balancers, and related network appliances; (2) device security architecture and baseline configuration standards for servers, workstations and mobile devices; (3) application and data security architecture and baseline configuration standards for databases and enterprise applications; and (4) cloud platform security architecture and baseline configuration standards for AWS and Microsoft Azure services.
• Provide expert guidance in areas such as vendor risk, cloud security, secure coding, and application security.
• Conducts and leads purple team risk and vulnerability assessments against systems and processes to ensure appropriate controls are in place, and recommends and implements controls to remediate risk findings.

Benefits

• Health Coverage: Comprehensive benefits, including Anthem, Delta Dental, and VSP, effective from your first day.
• Financial Security: Life insurance at no cost and a 401(k) plan with an employer match up to 6%.
• Work-Life Balance: 13 days of vacation and seven (7) sick days annually and paid holidays.
• Recognition & Growth: Annual merit increases, discretionary and referral bonuses, as well as educational grants up to $1,000 per year.