SCS Global ServicesRemote
Security Engineer II
United States of America
Full Time
8 hours ago
$100,000 - $130,000 USD
H1B Sponsor Likely
Key skills
PowerShellAWSAzureTerraformIAMEntra IDCI/CDCloud Security
About this role
SCS Global Services is a pioneer in sustainability standards and certification, and they are seeking a Security Engineer II. This role is responsible for designing, implementing, and owning security controls across various layers, with a focus on operational soundness and business alignment.
Responsibilities:
- Design and implement security control architectures and reference implementation patterns aligned with ISO 27001:2022 and related security frameworks (CIS, NIST CSF, MITRE ATT&CK), within established organizational standards
- Engineer and maintain assigned security controls across the following domains: Identity: Entra ID/Conditional Access/MFA/PAM, Endpoint: Intune/EDR/XDR (CrowdStrike), Workloads: Azure/AWS security/container security/CI/CD controls, Data: DLP/encryption/key management
- Develop, maintain, and operationalize security standards, baselines, and reference architectures in partnership with IT and application stakeholders
- Perform threat modeling (STRIDE) and risk assessments for new systems and material changes, translating findings into actionable security controls and remediation recommendations
- Lead security discovery and integration activities for new and existing environments, including current state assessment, gap analysis, and development of prioritized remediation plans
- Proactively identify security improvement opportunities, propose viable solutions, and execute approved work items to completion
- Integrate and optimize security tooling, including log source onboarding, alert tuning, and workflow automation
- Partner with Development and Application teams to embed security by design
- Support audit and compliance activities related to ISO 27001:2022, including evidence collection and control implementation validation
Requirements:
- Bachelor's Degree in computer science, information systems, or a related field, or equivalent work experience
- 6+ years of IT Experience
- 3+ years in an IT Security or Security Engineering role
- Strong practical knowledge of systems and infrastructure engineering (Windows/Linux fundamentals, networking, cloud architecture, identity, and common enterprise services) to make sound security recommendations and assess operational impact
- Proven ability to scope security improvements into actionable work items, estimate level of effort, and partner with infrastructure/application owners to drive implementation
- Cloud security experience (Azure preferred)
- Experience with scripting and infrastructure as code for security automation and control deployment (PowerShell, Terraform, ARM/Bicep) to implement at scale
- Experience with a MDR/vSOC provider and integrating EDR telemetry and incident workflows (CrowdStrike preferred)
- Strong understanding of Identity and Access Management (IAM) concepts and implementations
- Working knowledge of industry security frameworks and standards, including ISO 27001:2022 (preferred), NIST CSF, CIS Controls, and MITRE ATT&CK, and their application to security control design
- Demonstrated ownership mindset: able to work from broad direction, handle ambiguity, prioritize, and drive work to completion
- Practical experience implementing security controls within Azure/M365 environments
- Experience with SIEM platforms, including log onboarding, detection tuning, and workflow integration (Microsoft Sentinel preferred)
- Strong analytical skills with the ability to translate security and infrastructure risk into practical technical controls
- Microsoft Azure Security Engineer
- Microsoft Azure Administrator
- Microsoft Azure Architect
- Certified Cloud Security Professional (CCSP)