K2 ServicesRemote
Engineer, Information Security
United States of America
Full Time
1 hour ago
$90,000 - $110,000 USD
H1B Sponsor
Key skills
AzureCommunicationTime ManagementPenetration Testing
About this role
K2 Services is seeking an Information Security Engineer responsible for designing, implementing, and improving technical security controls. This role involves collaborating with various teams to enhance the organization's security posture and support the Information Security Program.
Responsibilities:
- Design, implement, administer, and maintain technical security controls across endpoint, network, identity, cloud, and infrastructure environments
- Support the configuration, administration, and optimization of security technologies, including endpoint protection, email security, firewalls, VPN, logging, monitoring, vulnerability management, and related platforms
- Monitor security events, alerts, and control health to identify issues, investigate suspicious activity, and support response and containment efforts
- Partner with IT and infrastructure teams to implement secure configurations, system hardening measures, and technical safeguards aligned with organizational security standards
- Perform technical security assessments, configuration reviews, and vulnerability analysis to identify control gaps and improvement opportunities
- Support vulnerability remediation by validating findings, helping prioritize risk, and coordinating with system owners on corrective actions
- Review penetration testing and security assessment results and help drive remediation planning and closure tracking
- Assist with security incident response activities, including investigation, containment support, documentation, and follow-up actions
- Contribute to the development, maintenance, and continuous improvement of security standards, technical baselines, procedures, and engineering documentation
- Support identity and access security efforts, including authentication controls, privileged access protections, and least-privilege design principles
- Collaborate with cloud, infrastructure, workplace, and application teams to integrate security requirements into operational and technical processes
- Support audit and compliance activities by helping provide technical evidence, validating control operation, and addressing control gaps where needed
- Work with vendors and external partners to support the secure implementation and operation of security technologies and services
- Stay current on evolving threats, attack techniques, vulnerabilities, and security technologies, and recommend improvements as appropriate
- Perform other duties as assigned
Requirements:
- Five or more years of experience in information security, cybersecurity, infrastructure security, or a related technical field
- Experience implementing, administering, or supporting enterprise security technologies and controls
- Experience with security monitoring, vulnerability management, endpoint security, secure configuration, incident response support, or related security operations and engineering functions
- Experience partnering with IT, infrastructure, cloud, or platform teams to implement or improve security controls in production environments
- Strong knowledge of information security principles, practices, and technical safeguards
- Working knowledge of security technologies such as firewalls, endpoint protection, vulnerability management tools, VPN solutions, email security platforms, logging and monitoring tools, identity and access controls, and encryption technologies
- Ability to analyze alerts, logs, events, and technical findings to identify potential threats, control gaps, or remediation needs
- Strong understanding of secure configuration, system hardening, least privilege, defense in depth, and risk reduction concepts
- Ability to assess vulnerabilities and security weaknesses and support practical remediation efforts
- Strong troubleshooting, analytical, and problem-solving skills with attention to detail
- Strong written and verbal communication skills, with the ability to work effectively across technical and non-technical teams
- Strong interpersonal skills and the ability to collaborate with internal stakeholders, external partners, vendors, auditors, and assessors
- Strong organizational and time management skills, with the ability to manage multiple priorities and follow tasks through completion
- Ability to adapt to evolving threats, technologies, and business requirements in a fast-paced environment
- Bachelor's degree in Computer Science, Information Technology, Information Security, Cybersecurity, or a related field is preferred
- Demonstrates professionalism, sound judgment, and accountability in the handling of security matters
- Maintains a high degree of integrity and discretion when working with sensitive systems, information, and incidents
- Able to work independently while also contributing effectively within a team environment
- Demonstrates a proactive mindset, technical curiosity, and a commitment to continuous improvement
- Ability to travel up to 5%
- Experience supporting audits, assessments, control validation, or remediation activities is beneficial
- Relevant certifications such as CompTIA Security+, SSCP, GIAC, Microsoft security certifications, or Azure security certifications are beneficial