Senior Corporate Security Engineer

A minimum of 8 years of experience in the information security field
Compliance Expertise: Proven experience owning and managing SOC 2, ISO 27001, and other compliance frameworks from initiation to completion.
Strong understanding of networking concepts, protocols, and tools (e.g., TCP/IP, DNS, VPNs, firewalls, IDS/IPS).
Hands-on experience with vulnerability management tools (e.g., Nessus, Qualys, or Rapid7).
Proficiency in endpoint protection platforms (e.g., CrowdStrike, SentinelOne) and SSO solutions (e.g., Okta, Azure AD).
Risk Management: Demonstrated ability to identify, assess, and mitigate security risks in dynamic environments.
Soft Skills: Excellent communication, problem-solving, and organizational skills.

Drive initiatives like SOC 2 Type 2 and ISO 27001, ensuring regulatory compliance. Establish and maintain a risk management framework aligned with business goals.
Design and implement security architectures across networks, endpoints, and applications. Conduct vulnerability assessments, penetration tests, and risk analyses to identify and remediate threats.
Manage endpoint protection, anti-virus solutions, and access control (RBAC) to safeguard our workforce. Enforce structured access policies—no ad-hoc permissioning.
Optimize security tools and controls, leveraging expertise in firewalls, VPNs, IDS/IPS to protect corporate environments.
Work with Product Security, IT, and Engineering teams to integrate security into operations. Mentor junior team members on best practices.

Certifications such as CISSP, CISM, or CISA.
Experience with cloud security frameworks (e.g., AWS, GCP, Azure).
Familiarity with automation and scripting languages (e.g., Python, Bash) to streamline security processes.