Senior IT Security Engineer (Remote)

Job summary

This role involves leading the information security program and engineering security systems for a growing ecosystem. The position requires a senior individual contributor with extensive experience in IT security and engineering, focusing on compliance and security architecture.

Qualifications

• Over 7 years of experience in information security with a strong IT engineering background.
• Proven track record in managing SOC II Type 2 and ISO 27001 readiness and audits.
• Hands-on experience with identity and access management (IAM), endpoint security, and cloud platforms (AWS or GCP).
• Proficient in scripting languages such as Python, Go, or Bash for automation.
• Familiarity with SSO/IdP platforms, MDM/EDR tools, and logging/SIEM systems.
• Strong written communication skills for policy documentation and audit narratives.
• Ability to manage risk and processes effectively under pressure.
• Exposure to cryptocurrency or AI/ML is a plus.

Responsibilities

• Lead the information security program and collaborate with security leadership on shared initiatives.
• Ensure compliance with SOC II Type 2 and ISO 27001 through control design and evidence collection.
• Manage security incident response, logging, monitoring, and alerting processes.
• Oversee vulnerability management and third-party risk assessments.
• Design and harden security architecture for identity, access, and endpoint systems.
• Automate security and compliance workflows across the SaaS environment.
• Serve as a senior technical resource for complex security challenges.
• Maintain a secure cloud environment and manage security policies.

Skills

• Strong technical depth in IT security and engineering.
• Experience in leading security programs and compliance initiatives.
• Proficient in security architecture and automation.
• Excellent communication and documentation skills.

Education

• Relevant degree in Information Technology, Cybersecurity, or a related field is preferred.

Tools

• Familiarity with security tools and platforms such as Okta, Google Workspace, and various MDM/EDR solutions.