IT Security Engineer

Ziply Fiber
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Remote

Tech stack

Access Control List
Artificial Intelligence
Amazon Web Services (AWS)
User Authentication
Azure
Computer Security
Computer Programming
Information Leak Prevention
Dynamic Host Configuration Protocol
DNS
Networking Hardware
Intrusion Detection and Prevention
Intrusion Detection Systems
Network Security
Lightweight Directory Access Protocols (LDAP)
Machine Learning
Network Architecture
Network Monitoring
Public Key Infrastructure
Phishing
Security Information and Event Management
Software Vulnerability Management
Google Cloud Platform
GitHub Copilot
Large Language Models
MTTR
Generative AI
Information Technology
Patch Management
Microsoft Sentinel
ArcSight Event Correlation
Firewall Services Module
GPT
Vulnerability Analysis

Job description

The IT Security Engineer applies Information Technology (IT) security principles, methods, and security products, including AI-powered security tools and automation, to protect and maintain the availability, integrity, confidentiality, and accountability of company IT resources, as well as the physical security and access of property and personnel. This role leverages AI and machine learning technologies to enhance threat detection, accelerate incident response, and strengthen the organization's overall security posture. The position is responsible for executing assigned tasks to support and implement the goals of the company's Information Security initiatives on time and within the approved budget.

The Essential Duties and Responsibilities listed below are a range of duties performed by the employee and are not intended to reflect all duties performed.

IT Security Configuration & Infrastructure

· Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.

· Collaborates with others in the Company (i.e., Information Technology engineers, Network Engineers, etc.) to perform design review and analysis of network infrastructure modifications.

· Periodically reviews firewall and router rules and access control lists.

· Responsible for PKI Infrastructure management and support - User and Server Authentication.

Policy, Compliance & Documentation

· Develops, documents, and maintains methodology for sensitive and critical application and general support for IT security systems.

· Drafts policy based on NIST, FISMA, PCI, PII and CJIS compliance.

· Ensures processes and procedures are developed, documented, maintained, and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory requirements.

Threat Detection, Risk & Vulnerability Management

· Develops policies and procedures, and maintains scripts, routines, and software, for accomplishing security studies and assessments to provide professional-level analysis in recognizing system threats and vulnerabilities; leverages AI/ML-based detection tools to identify malware, anomalous behavior, and malicious activities at scale.

· Monitors and reviews intrusion detection systems and firewall logs, utilizing AI-driven behavioral analytics and SIEM platforms to identify adverse patterns and coordinate mitigation responses.

· Performs security assessments, risk identification and mitigation planning and execution.

· Leads vulnerability management efforts and actively participates in patch management and risk management processes.

· Participates in emergency operations, including the Computer Security Incident Response Team.

· Deploys and manages AI-powered security tools including AI-driven SIEM, endpoint detection and response (EDR), and user and entity behavior analytics (UEBA) platforms to improve detection accuracy and reduce mean time to respond (MTTR).

· Evaluates emerging AI-driven attack vectors (e.g., adversarial AI, AI-generated phishing, deepfake social engineering) and develops countermeasures to protect company assets.

Research, Training & Awareness

· Researches technical and IT security topics, including developments in AI/ML security tooling, generative AI risks, and emerging threat landscapes; maintains information on industry trends.

· Assists with the development and implementation of the Cyber training and awareness program, incorporating AI-specific threat scenarios such as AI-generated phishing simulations and guidance on safe use of AI tools within the organization.

AI-Augmented Security Operations

· Integrates and manages AI-powered security automation workflows, including automated alert triage, threat hunting playbooks, and AI-assisted incident response runbooks to reduce analyst workload and response times.

· Develops and enforces an AI Acceptable Use Policy, establishing security guardrails for employee use of generative AI tools (e.g., ChatGPT, GitHub Copilot) and ensuring data loss prevention controls are applied to AI interactions.

· Collaborates with IT and business teams to perform AI risk assessments on proposed AI/ML solutions, evaluating model security, data privacy, and supply chain risks prior to deployment.

Other Duties

· Performs other duties as required to support the business and evolving organization.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking, or standing for prolonged periods of time; most of the time is spent sitting in a comfortable position with frequent opportunity to move about. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

Work Environment

Work is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse, and multi-line telephone system. The work is primarily in a modern office setting.

At all times, Ziply Fiber must be your primary employer. Unless otherwise prohibited by law, employees may not hold outside employment nor be self-employed without obtaining approval in writing from Ziply Fiber. In holding outside employment or self-employment, employees should ensure that participation does not conflict with responsibilities to Ziply Fiber or its business interests.

Requirements

· BS in Information Technology or equivalent technical discipline.

· Three (3) to five (5) years of direct Cyber Engineer or information assurance experience.

· Strong experience working with market standard Vulnerability Assessment tools and AI-powered security platforms (e.g., Darktrace, CrowdStrike Falcon, Microsoft Sentinel, or similar).

· Experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation.

· Experience with policy and process documentation.

· Understanding of DNS, DHCP and LDAP.

· System hardening experience utilizing STIGs, CIS or USGCB.

· Security Incident Response experience.

· Strong oral and written communication abilities with experience writing policies.

· Possess strong analytical and troubleshooting skills.

· Able to serve as a technical resource to IT staff.

· Practical experience using AI/ML-powered security tools or SOAR platforms for threat detection, automated response, or security analytics.

· Familiarity with AI governance frameworks and the security risks associated with enterprise deployment of generative AI and large language model (LLM) applications.

Preferred Qualifications:

· CISM, CISA, CRIS, CISSP, Security+ or similar certification; AWS/Azure/Google Cloud Platform Security Specialty certification or AI/ML security training (e.g., GIAC GAIOPS, Google Professional ML Engineer, or vendor-specific AI security certifications) a plus.

Knowledge, Skills, and Abilities:

· Ability to work independently and apply sound judgment and reasoning skills to a variety of situations.

· Ability to multi-task and collaborate effectively with other personnel to meet deadlines.

· Strong verbal and written communication, attention to detail, and organizational skills.

· Ability to work within critical deadlines.

· Ability to adjust to rapidly changing priorities and schedules.

· Ability to provide excellent customer service.

Work Authorization

Applicants must be currently authorized to work in the US for any employer. Sponsorship is not available for this position.

About the company

· Genuinely Caring: We treat customers and colleagues like neighbors, with empathy and full attention.

· Empowering You: We help customers choose what is best for them, and we support employees in implementing new ideas and solutions.

· Innovation and Improvement: We constantly seek ways to improve how we serve customers and each other.
