Security Engineer- Remote (Anywhere in the U.S.)
Remote
Applications have closed
GuidePoint Security LLC
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
Job Overview
GuidePoint Security is seeking a Security Engineer who is passionate about security work and possesses both deep and wide expertise, including technical expertise, in the security space.
The Security Engineer will have diverse responsibilities within the security and compliance space. From a technical standpoint, this includes implementing, maintaining, and responding timely to the various technical controls used to manage GuidePoint’s risk. From a compliance standpoint, candidates are required to have knowledge and experience in industry good practices, control frameworks, audit and assessment methodologies, and risk management strategies.
The Security Engineer has an ongoing responsibility to help identify realistic, appropriate, and achievable opportunities to improve ease of use, promote efficiencies, and increase security return on investment. This includes designing and instituting the means to measure and report on control effectiveness. Additionally, the Security Engineer will help evolve and improve the enterprise’s risk management program at the strategic, operational, and tactical levels.
The Security Engineer will work closely with the Corporate IT team. They must have a strong technical acumen, possess a desire to learn about and determine how to protect various technologies, and be able to work both individually and as part of a multifunctional team.
Security Engineer Responsibilities
- Support compliance-related efforts, including contract reviews, supplier risk management, completing ongoing control assessments, and supporting internal and external audits and security testing.
- Identify and define system security requirements consistent with and aligned to policy, standards, and industry good practice.
- Contribute to the design of computer security architectures by helping incorporate cybersecurity into each architecture’s design.
- Engineer, implement, and monitor security measures for the protection of information resources.
- Configure and troubleshoot security controls, both for hosted technologies and those maintained on-premises.
- Partner with IT to implement technical solutions for automating repeatable tasks.
- Support, facilitate, and help improve security-related processes including (but not limited to): configuration management; vulnerability management; control monitoring; and incident response.
- Prepare and document policies, standards, processes, procedures, and protocols for delivering the Security Engineering portfolio of services internally.
- Develop comprehensive reports that measure security control performance, and which support designing and delivering system control enhancements.
Required Qualifications
- Five or more years of experience working in the information security industry.
- Two or more years of experience directly administering a technical control (e.g., identity and access management, malware protection, network segmentation, vulnerability management, etc.).
- Two or more years of experience either performing assessments/audits for, or demonstrating compliance with, one or more security practice frameworks or compliances (e.g., ISO 27001, SOC 2 Type 2, SOX, PCI DSS, etc.).
- Working knowledge of incident response good practices.
- Direct experience with third party contracting and supplier risk management.
- Possess at least one current security-related certification and be in good standing with certifying organization (e.g., a security certification from ISC2, ISACA, SANS-GIAC, etc.).
- Experience developing written security-related policies, standards, and processes.
- Excellent written and verbal communication skills.
Preferred Qualifications
- Bachelor’s or advanced degree, optimally in technology or business.
- Possess current or previous technical certification (e.g., Cisco, Microsoft, Linux, etc.).
- Direct experience working in incident response.
- Published security- and/or compliance-related article(s) in the public domain.
Why GuidePoint?
GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 600 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 2,000 clients.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.
Some added perks….
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions)
- 100% employer-paid medical and dental premiums with generous employer family contributions
- 11 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Compliance GIAC Incident response ISACA ISO 27001 Linux Malware Monitoring PCI DSS Risk management SANS SOC 2 Vulnerability management
Perks/benefits: Flex hours Flex vacation
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs