SCS Global ServicesRemote
Security Engineer II
United States of America
Full Time
3 weeks ago
$100,000 - $130,000 USD
H1B Sponsor Likely
Key skills
PowerShellAWSAzureTerraformIAMEntra IDCI/CDCloud Security
About this role
SCS Global Services is a leader in sustainability standards and third-party certification, committed to socially and environmentally responsible practices. The Security Engineer II is responsible for designing and implementing security controls across various layers, ensuring they are operationally sound and aligned with business needs, while working independently with minimal oversight.
Responsibilities:
- Design and implement security control architectures and reference implementation patterns aligned with ISO 27001:2022 and related security frameworks (CIS, NIST CSF, MITRE ATT&CK), within established organizational standards
- Engineer and maintain assigned security controls across the following domains: Identity: Entra ID/Conditional Access/MFA/PAM, Endpoint: Intune/EDR/XDR (CrowdStrike), Workloads: Azure/AWS security/container security/CI/CD controls, Data: DLP/encryption/key management
- Develop, maintain, and operationalize security standards, baselines, and reference architectures in partnership with IT and application stakeholders
- Perform threat modeling (STRIDE) and risk assessments for new systems and material changes, translating findings into actionable security controls and remediation recommendations
- Lead security discovery and integration activities for new and existing environments, including current state assessment, gap analysis, and development of prioritized remediation plans
- Proactively identify security improvement opportunities, propose viable solutions, and execute approved work items to completion
- Integrate and optimize security tooling, including log source onboarding, alert tuning, and workflow automation
- Partner with Development and Application teams to embed security by design
- Support audit and compliance activities related to ISO 27001:2022, including evidence collection and control implementation validation
Requirements:
- Bachelor's Degree in computer science, information systems, or a related field, or equivalent work experience
- 6+ years of IT Experience
- 3+ years in an IT Security or Security Engineering role
- Strong practical knowledge of systems and infrastructure engineering (Windows/Linux fundamentals, networking, cloud architecture, identity, and common enterprise services) to make sound security recommendations and assess operational impact
- Proven ability to scope security improvements into actionable work items, estimate level of effort, and partner with infrastructure/application owners to drive implementation
- Cloud security experience (Azure preferred)
- Experience with scripting and infrastructure as code for security automation and control deployment (PowerShell, Terraform, ARM/Bicep) to implement at scale
- Experience with a MDR/vSOC provider and integrating EDR telemetry and incident workflows (CrowdStrike preferred)
- Strong understanding of Identity and Access Management (IAM) concepts and implementations
- Working knowledge of industry security frameworks and standards, including ISO 27001:2022 (preferred), NIST CSF, CIS Controls, and MITRE ATT&CK, and their application to security control design
- Demonstrated ownership mindset: able to work from broad direction, handle ambiguity, prioritize, and drive work to completion
- Practical experience implementing security controls within Azure/M365 environments
- Experience with SIEM platforms, including log onboarding, detection tuning, and workflow integration (Microsoft Sentinel preferred)
- Strong analytical skills with the ability to translate security and infrastructure risk into practical technical controls
- Microsoft Azure Security Engineer
- Microsoft Azure Administrator
- Microsoft Azure Architect
- Certified Cloud Security Professional (CCSP)