Security & Compliance Engineer
Salary undisclosed
Job Description
We are seeking a highly skilled and detail-oriented Security & Compliance Engineer to join our team. In this role, you will be responsible for designing, implementing, and maintaining security and compliance frameworks across our IT infrastructure. You will work closely with cross-functional teams to ensure that our systems meet regulatory standards, align with industry best practices, and maintain a strong security posture.
Responsibilities
Security Controls: Implement, monitor, and maintain security controls across cloud, on-premises, and hybrid environments to safeguard systems, networks, and data.
Compliance Management: Ensure compliance with applicable regulations and standards such as NIST, CMMC, ITAR, and others relevant to our industry.
Security Audits & Assessments: Conduct regular security audits, vulnerability assessments, and risk analysis to identify gaps and propose remediation.
Security Framework Development: Develop, implement, and enforce security policies, procedures, and standards in line with industry best practices (e.g., NIST SP 800-171).
Incident Response: Lead the identification, investigation, and response to security incidents, ensuring timely resolution and mitigation.
Compliance Reporting: Prepare and present detailed reports on compliance status and security metrics to senior management and external auditors.
Collaboration: Integrate with IT and partner with software, Legal, and other departments to ensure security and compliance are integrated into development processes, infrastructure, and operational practices.
Security Awareness: Conduct security awareness training and workshops for employees to build a security-conscious culture across the organization.
Third-party Risk Management: Evaluate and manage security risks from third-party vendors, ensuring that their practices align with the company's security and compliance requirements.
Documentation: Maintain detailed documentation for security policies, procedures, and compliance reports to ensure accountability and transparency.
Minimum Qualifications
Bachelor's degree in Information Security, Computer Science, or related field (or equivalent work experience).
6 years of experience in security and compliance, particularly within a cloud or hybrid IT environment.
Proficiency with regulatory frameworks such as NIST 800-171, CMMC, ITAR, etc.
Hands-on experience with security tools like SIEM, IDS/IPS, vulnerability scanners, and endpoint protection systems.
Experience working with multi-site cloud platforms (AWS, Azure, GCP) and securing multi-cloud environments.
Solid understanding of networking protocols, firewalls, VPNs, and encryption technologies.
Experience with identity management, access control (IAM), and zero-trust architecture.
Excellent communication and collaboration skills with the ability to explain complex security concepts to non-technical stakeholders.
Relevant certifications such as CISSP, CISM, CEH, CISA, OSCP, or similar are highly preferred.
Preferred Skills and Experience
8 years of experience in security and compliance, particularly within a cloud or hybrid IT environment.
Experience with compliance requirements in defense/aerospace industries.
Familiarity with FedRAMP and other government compliance programs.
Hands-on experience with security automation and orchestration.
Strong knowledge of risk management methodologies and governance practices.
Additional Information:
Compensation bands are determined by role, level, location, and alignment with market data. Individual level and base pay are determined on a case-by-case basis and may vary based on job-related skills, education, experience, technical capabilities and internal equity. In addition to base salary, for full-time hires, you may also be eligible for long-term incentives, in the form of stock options, and access to medical, vision & dental coverage as well as access to a 401(k) retirement plan.
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.
Impulse Space is an Equal Opportunity Employer; employment with Impulse Space is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.