Job Description:
• Design and implement security control architectures and reference implementation patterns aligned with ISO 27001:2022
• Engineer and maintain assigned security controls across domains like Identity, Endpoint, Workloads, and Data
• Develop, maintain, and operationalize security standards, baselines, and reference architectures
• Perform threat modeling (STRIDE) and risk assessments for new systems
• Lead security discovery and integration activities for new and existing environments
• Proactively identify security improvement opportunities and execute approved work items
• Integrate and optimize security tooling
• Partner with Development and Application teams to embed security by design
• Support audit and compliance activities related to ISO 27001:2022
Requirements:
• Bachelor's Degree in computer science, information systems, or a related field, or equivalent work experience
• 6+ years of IT Experience
• 3+ years in an IT Security or Security Engineering role
• Strong practical knowledge of systems and infrastructure engineering (Windows/Linux fundamentals, networking, cloud architecture, identity, and common enterprise services)
• Proven ability to scope security improvements into actionable work items
• Cloud security experience (Azure preferred)
• Experience with scripting and infrastructure as code for security automation and control deployment (PowerShell, Terraform, ARM/Bicep)
• Experience with a MDR/vSOC provider
• Strong understanding of Identity and Access Management (IAM) concepts and implementations
• Working knowledge of industry security frameworks and standards, including ISO 27001:2022 (preferred), NIST CSF, CIS Controls, and MITRE ATT&CK
• Practical experience implementing security controls within Azure/M365 environments
Benefits:
• Health insurance
• Flexible work arrangements
• Professional development opportunities