Information Security Engineer
Requirements
• 5+ years of experience in Information Security, Security Engineering, or Security Operations roles within a SaaS or cloud-centric environment
• Hands-on experience supporting incident response and investigations, including building/using runbooks and participating in post-incident reviews
• Experience implementing and operating security controls and security tooling across endpoints, SaaS applications, and cloud environments
• Working knowledge of cloud security fundamentals (AWS, Azure, or GCP), identity/access concepts (SSO, MFA, RBAC), and modern security best practices
• Ability to collaborate effectively with technical teams (DevOps, Engineering, Observability, AppSec) to drive remediation and measurable risk reduction
• Familiarity with vulnerability and risk concepts (CVEs, prioritization, remediation tracking), even if not the program owner
• Strong documentation habits and an operational mindset (clear processes, repeatability, auditability)
• Due to FedRAMP requirements, candidates must be a U.S. Person
• Experience in compliance-driven environments (FedRAMP, GovRAMP, SOC 2, ISO 27001, NIST 800-53) and supporting evidence collection/operational readiness
• Experience with EDR, email security, and/or SaaS security controls (tooling specifics vary)
• Experience with identity security workflows (access reviews, privileged access processes, conditional access patterns)
• Scripting/automation experience (Python, Bash, PowerShell) and comfort integrating systems via APIs
• Exposure to detection engineering, threat intelligence workflows, or SOAR-style automation (without needing to be the SIEM/platform owner)
• Experience in cybersecurity or high-scale SaaS organizations
Responsibilities
• Support and execute security incident response activities, including triage, investigation support, containment coordination, lessons learned, and corrective action tracking
• Develop and maintain incident response playbooks, runbooks, and escalation paths; participate in and help run tabletop exercises
• Operate and improve enterprise security controls and tooling (e.g., endpoint protection/EDR, SaaS security controls, email security, access control workflows), ensuring reliable configuration and ongoing effectiveness
• Partner with Observability Engineering to ensure security-relevant telemetry is available for investigations and response (without owning SIEM/telemetry platform administration)
• Partner with Vulnerability Management to drive remediation execution, validate fixes where appropriate, and reduce repeat findings through hardening and control improvements
• Coordinate security investigations with DevOps, IT, and Engineering teams; track actions through to closure and document outcomes
• Support access governance and least-privilege initiatives, including periodic access reviews, privileged access workflows, and secure authentication controls
• Create and maintain security documentation for processes, controls, and operational procedures to enable consistency across teams and geographies
• Assist with security control evidence and operational readiness activities for compliance frameworks (e.g., SOC 2, ISO 27001, FedRAMP/GovRAMP, NIST 800-53) in partnership with Compliance and platform teams
• Identify opportunities for automation to improve security operations efficiency (ticketing workflows, control checks, integrations, scripting)
Benefits
• Medical, Dental & Vision (inclusive of domestic partnerships)
• Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
• Voluntary Short/Long Term Disability Insurance
• 401K (Roth/Traditional)
• A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc)
• Above market annual bonuses