Information Security Engineer

As an Information Security Engineer, you will support enterprise security engineering initiatives with a focus on baseline configurations and secure system standards. You will work across a broad set of technologies, collaborating with IT, application, and product teams to reduce security risk and improve compliance through scalable, well-documented security configurations.

This role is suited for a hands-on security engineer who thrives in a high-volume, process-driven enterprise environment and is comfortable managing multiple workstreams independently. Responsibilities

• Develop, review, and publish secure baseline configurations for enterprise systems, averaging 10+ configurations per month.
• Apply secure configuration and hardening principles across Windows and Linux platforms.
• Participate in low- to moderately-complex security engineering initiatives and identify opportunities for process improvement.
• Review and analyze security engineering assignments requiring research, evaluation, and selection of appropriate solutions.
• Support vulnerability management activities, including validation, prioritization, remediation coordination, and exception documentation.
• Collaborate with application owners, product teams, and infrastructure partners to gather requirements and drive remediation actions.
• Apply IAM fundamentals, including least-privilege access, MFA concepts, and account lifecycle practices.
• Support logging and monitoring efforts by identifying common log sources and assisting with SIEM alert triage.
• Produce clear technical documentation and present actionable security recommendations to stakeholders.
• Manage your own workload effectively, breaking down complex initiatives into achievable tasks and driving them to completion.

• 2+ years of experience in Information Security Engineering or equivalent practical experience through consulting, training, military service, or education.
• Experience with secure system configuration and hardening (Windows and/or Linux).
• Fundamental understanding of networking concepts.
• Experience writing clear technical documentation and maintaining strong ticket discipline.
• Ability to work effectively in cross-functional environments and communicate with both technical and non-technical partners.
• Proficiency with Microsoft Office tools, including Excel for data analysis and reporting.

Preferred Qualifications

• Experience writing or maintaining enterprise baseline configurations at scale.
• Scripting experience (Python and/or PowerShell) for automation or reporting.
• Familiarity with security tools such as EDR platforms, SIEMs, and vulnerability scanners.
• Cloud security fundamentals (AWS, Azure, or Google Cloud Platform) and/or virtualization technologies.
• Working knowledge of security frameworks and controls (e.g., CIS Controls, NIST-aligned frameworks).
• Background supporting large enterprises or regulated industries (e.g., financial services).
• Experience working in high-process, high-volume technical environments.

What We Look For

• Project Execution: Ability to independently manage work, prioritize effectively, and move initiatives forward in a complex organization.
• Relationship Management: Strong interpersonal skills with the ability to influence and collaborate without direct authority.
• Technical Depth: Intermediate to advanced security engineering knowledge, with the ability to go deep in at least one technical domain (e.g., Linux, Windows, automation).