Security Engineer

  • Network/Security

  • Remote

  • Permanent / Full Time

About the job:
Title: Security Engineer
Start Date: Immediate
Position Type: Contract / Full-time Employment
Location: Remote across USA / Canada

 
Job Description:

 
Cloud & Hybrid Infrastructure

  • Azure IaaS / Entra ID (Azure AD) | Advanced | Critical | Identity, network security groups, conditional access
  • AWS EC2 / IAM / VPC | Intermediate | Medium | Optional but preferred
  • GCP Compute / IAM / VPC | Intermediate
  • Azure Policy, Defender for Cloud | Intermediate | High | Enforce cloud compliance / secure posture
  • Hybrid networking (VPN, ExpressRoute, BGP) | Intermediate | High | Secure cross-environment connectivity
  • Infrastructure as Code (Terraform, Bicep, ARM templates) | Intermediate | High | Automate deployments with embedded security controls
  • Azure Arc / hybrid management | Nice to Have | Low | Optional advanced hybrid management

 
Security Architecture & Design
  • Defense-in-Depth Implementation | Expert | Critical | Expect depth across endpoint, identity, network, data
  • Zero Trust Architecture (NIST SP 800-207) | Advanced | High | Network segmentation, JIT access, strong identity enforcement
  • Secure configuration frameworks (CIS, STIGs) | Advanced | Critical | Hands-on enforcement, validation via automation
  • PAM (e.g., Delinea Secret Server, CyberArk, BeyondTrust, Azure PIM) | Intermediate | High | Tiered admin access enforcement
  • Identity Federation / SSO (SAML, OIDC, SCIM) | Intermediate | Medium | Identity flow understanding and ADFS/SSO config
  • Micro-segmentation / Firewall policy design | Intermediate | High | Expect examples from past experience

 
Security Monitoring & Operations
  • Endpoint Detection & Response (CrowdStrike, Defender, etc.) | Intermediate | High | Implementation & policy tuning
  • SIEM (Logscale, Sentinel, Splunk, etc.) | Intermediate | High | Logging pipelines, custom alert logic
  • Patch & configuration management (Tanium, SCCM, Ansible) | Advanced | High | Secure baselining, policy compliance automation
  • Threat modeling / system-level risk assessment | Advanced | High | Real-world experience identifying & mitigating threats
  • Forensics & incident response support | Intermediate | Medium | Tier-3 involvement in past incidents preferred

 
Automation & Scripting
  • PowerShell (incl. secure AD/Azure scripting) | Advanced | Critical | Infrastructure provisioning & config validation
  • Python / Bash | Intermediate | Medium | Automation tasks and system orchestration
  • CI/CD integration (GitHub, Azure DevOps) | Intermediate | Medium | Security control in release pipelines

 
Compliance & Governance
  • NIST 800-53 / 800-171 / FedRAMP / ISO 27001 / SOC2 | Working Knowledge | High | Must understand how to implement controls
  • Logging & audit strategy design | Advanced | High | Immutable logging, log routing to SIEM
  • Tiered access model design | Advanced | High | Tier 0–2 account and system separation

 
Soft Skills
  • Technical documentation & architecture diagrams | Advanced | High | Ability to communicate with both technical & non-technical
  • Incident response collaboration | Advanced | High | Cross-team coordination experience
  • Communication with leadership / compliance teams | Intermediate | High | Can explain risk posture and system design to executives
  
