VentureWellRemote
Senior IT Security Engineer
United States of America
Full Time
2 hours ago
$115,000 - $140,000 USD
Visa Sponsor
Key skills
IT systems engineeringSecurity engineeringNIST SP 800-171 complianceCMMC Level 2 complianceJamfmacOS managementGoogle Workspace administrationOkta administrationSlack administrationZoom administrationSalesforce administrationBox administrationLinux system administrationBash scriptingPython scriptingVulnerability managementLog aggregationSIEM toolsAWSSecurity principles - least privilegeSecurity principles - defense in depthSecurity principles - zero trustJamf 200Jamf 300Jamf 370CompTIA Security+AWS Certified Security – SpecialtyGIAC GISFGIAC GSECISC2 Certified in CybersecurityCISSPCertified CMMC ProfessionalNIST 800-171 ImplementerGoogle Professional Workspace AdministratorPythonBashCloudWatchOktaDatadogiOSSaaSSalesforceZero Trust
About this role
VentureWell is an organization that supports science and technology inventors, and they are seeking a Senior IT Security Engineer to oversee the security and reliability of their IT systems. The role involves managing macOS devices, securing SaaS platforms, and ensuring compliance with cybersecurity frameworks while driving continuous improvement in their IT security practices.
Responsibilities:
- Manage VentureWell’s device fleet (macOS, iOS, iPadOS) using Jamf, including configuration profiles, patching, encryption enforcement, and endpoint hardening
- Configure, administer, and secure SaaS platforms including Google Workspace, Okta, Slack, Zoom, Salesforce, Box, and BetterCloud, including integrations and lifecycle management
- Administer and maintain cloud-based systems and services (including AWS), partnering with vendors and internal teams to ensure uptime and security
- Serve as the escalation point for complex technical issues related to SaaS platforms, device management, identity systems, and integrations
- Maintain a transparent, documented SaaS application inventory and support software request review, vetting, and decision documentation
- Develop and maintain SOPs and technical documentation for systems, integrations, and operational processes
- Identify opportunities to improve system architecture, scalability, and reliability across SaaS and cloud environments and lead implementation of those improvements
- Evaluate and recommend new tools, technologies and integrations to enhance system performance, security and operational efficiency
- Drive continuous improvement of IT systems and processes, balancing day-to-day operational support with longer-term optimization initiatives
- Monitor and respond to security alerts, vulnerability findings, and threat intelligence across endpoint, SaaS, and cloud environments
- Perform root cause analysis on security incidents and recommend corrective actions
- Manage endpoint security tooling and monitoring (e.g., Jamf Protect) and integrate telemetry with logging platforms (e.g., Datadog, CloudWatch)
- Lead vulnerability scans, penetration test coordination, and remediation tracking
- Review logs and security reports to identify risks, trends, and required remediation
- Proactively identify security gaps, risks and emerging threats and implement improvements to strengthen VentureWell’s overall security posture
- Continuously enhance monitoring, detection and response capabilities across endpoint, SaaS and cloud environments
- Partner with internal team members to priorities and remediate vulnerabilities based on risk, business impact and organizational priorities
- Support implementation and ongoing maintenance of NIST SP 800-171 and CMMC Level 2 controls
- Maintain and update the System Security Plan (SSP) and Plan of Action & Milestones (POA&M)
- Draft, review, and maintain security policies, standards, baselines, and procedures
- Conduct Security Impact Analyses (SIA) for system changes, integrations, or architectural decisions
- Coordinate evidence collection and support internal and external audits
- Ensure secure configuration baselines are defined, documented, and reviewed on a regular basis
- Identify gaps in existing controls and lead efforts to strengthen and mature VentureWell’s compliance and security frameworks
- Translate compliance requirements (i.e. NIST 800-171, CMMC) into scalable, practical technical and operational solutions
- Drive continuous improvement of documentation, policies and control implementation to support audit readiness and long-term program maturity
Requirements:
- 7+ years of experience in IT systems engineering, security engineering, or a combined role
- Practical experience implementing or supporting cybersecurity compliance frameworks, particularly NIST 800-171 and/or CMMC
- Strong hands-on experience using Jamf to manage macOS environments, including policy creation and enforcement
- Experience administering SaaS platforms such as Google Workspace, Okta, Slack, Zoom, Salesforce, and Box
- Experience managing or securing Linux-based systems (Ubuntu, CentOS) in cloud environments
- Working knowledge of scripting or automation (Bash, Python, or similar)
- Strong understanding of security principles including least privilege, defense in depth, and zero trust
- Experience with vulnerability management, log aggregation, and monitoring/SIEM tools
- Ability to clearly document technical configurations, security controls, and processes
- Proven ability to operate independently, prioritize effectively, and drive initiatives forward with minimal oversight
- Ability to identify gaps and recommend scalable solutions to improve security posture, system reliability and operational efficiency
- Demonstrated ability to balance hands-on operational support with longer-term system and security improvements
- Jamf 200, 300, or 370 (Endpoint Security Admin)
- CompTIA Security+
- AWS Certified Security – Specialty
- GIAC Information Security Fundamentals (GISF) or Security Essentials (GSEC)
- ISC2 Certified in Cybersecurity (CC) or CISSP (Associate)
- Certified CMMC Professional (CCP) or NIST 800-171 Implementer
- Google Professional Workspace Administrator