Information Security Engineer II
Remote
Applications have closed
TrueAccord
The Opportunity:
TrueML’s InfoSec team maintains oversight and enforcement to ensure continued security and compliance. In this role, you touch the breadth of the operations working across all internal departments to identify and address information security issues systematically. The work will include security gap analysis, vulnerability management, event management, product engineers on best practices, and helping implement and validate relevant solutions.
What You'll Do:
- Hardening of technology, including software, hardware, and cloud services
- Support the enforcement and maturation of the vulnerability management program (detection, analysis, reporting, remediation assistance)
- Documenting security-related issues, initiatives, and rules
- Building and updating network and system diagrams
- Secure programming in a CI/CD environment
- Fully support the implementation of security safeguards that align with the business mission, goals, and objectives.
- Maintain compliance through regular security-related audits of laws, certifications, and contracts
- Administration of various security tools, including anti-malware, SIEM, security scanners, and other technical controls
- Designing and tracking security metrics
- Incident Response
- Data Security Maturation
What We're Looking For:
- Technical Baccalaureate, Professional Certification (CISSP, C|EH, CompTIA CySA), or 4+ years of experience in information security
- Strong knowledge of information security fundamentals
- Passionate about knowing the latest on trends and issues in the security industry, including new technologies
- Comfort with risk management frameworks and commercial certifications (PCI DSS, SOC 2, or ISO/IEC 27001)
- 2+ years of experience securing cloud services
- Advanced technical knowledge of infrastructure, applications, and cloud security models
- Advanced knowledge of information security standards, rules, and regulations related to information security and data confidentiality
- Coding experience in Python and Linux shell scripting
- Working knowledge of content trackers, ticketing systems, continuous integration and deployment technologies, and relevant cross-integrations
- Experience running audit and remediation projects
- Excellent written and verbal communication skills
Bonus Points:
- CIS Controls® and Benchmark implementation and audit experience
- Advanced knowledge of the Federal Information Security Management Act (FISMA) and SOC requirements/auditing
- Validated analytical and problem-solving abilities and working knowledge of relevant legal and regulatory requirements, such as the Health Insurance Portability and Accountability Act (HIPAA)
- Current security certifications supporting application development and cloud operations: CSSLP, AWS Security, CCSP, etc.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS C CCSP CI/CD CISSP Cloud Compliance CompTIA FISMA HIPAA Incident response Linux Machine Learning Malware PCI DSS Python Risk management Scripting SIEM SOC SOC 2 Vulnerability management
Perks/benefits: 401(k) matching Career development Health care Insurance Medical leave Parental leave Salary bonus Unlimited paid time off Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open DevSecOps-related jobs