Security Engineer, Infosec Operations

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Security Engineer, Infosec Operations in United States.

As a Security Engineer in Infosec Operations, you will play a pivotal role in safeguarding enterprise environments through proactive vulnerability management and penetration testing initiatives. You will assess, analyze, and remediate security risks while collaborating closely with internal teams and clients to communicate findings effectively. This position combines hands-on technical expertise with strategic awareness, enabling you to enhance security programs, deliver tailored solutions, and strengthen organizational resilience. You will contribute to security awareness initiatives, reporting automation, and continuous improvement efforts. Operating in a fast-paced, remote environment, your work will directly impact the security posture of clients and stakeholders.

Accountabilities:

• Conduct vulnerability scanning and analysis using industry-standard tools, identifying and prioritizing risks.
• Perform autonomous penetration testing and assist in evaluating potential security threats.
• Collaborate with internal teams and clients to communicate vulnerabilities and recommended remediation actions, tailoring messaging for technical and non-technical audiences.
• Manage and enhance security awareness programs, including phishing campaigns and educational initiatives.
• Develop, customize, and automate client-facing reports and presentations to track security metrics and progress.
• Document and maintain security processes, procedures, and system configurations to ensure consistency and compliance.
• Stay updated on emerging cybersecurity threats and techniques, applying knowledge to improve security posture.

• Bachelor’s degree in Cybersecurity, Computer Science, or related field preferred.
• Relevant certifications such as CISSP, OSCP, Security+, GIAC, or Azure certifications are a plus.
• Proven experience in vulnerability management, penetration testing, and risk assessment.
• Hands-on expertise with systems, network/firewall administration, and Active Directory.
• Experience with SIEM, EDR, and security monitoring tools.
• Strong understanding of TCP/IP and application layer protocols (HTTP, SMTP, DNS, etc.).
• Ability to analyze complex data sets to make informed security decisions.
• Knowledge of cybersecurity threats, incident response procedures, and programming languages.
• Excellent written and verbal communication skills for technical and non-technical audiences.
• Team-oriented, collaborative, and committed to continuous learning in cybersecurity.