IT Security Engineer II

About the Opportunity

As an IT Security Engineer II, you will play a crucial role in safeguarding the digital assets of an organization supporting thousands of independent dealers across various sectors like appliance, furniture, and electronics. This position focuses on designing, implementing, and maintaining robust security controls to protect networks, systems, applications, and data. You will be actively involved in threat monitoring, incident response, ensuring compliance, and continuously strengthening the overall security posture through monitoring, auditing, and user education.

Responsibilities

• Design, implement, and maintain security solutions for networks, systems, applications, endpoints, email, and identity platforms.
• Continuously monitor security alerts, logs, and protection systems to identify, investigate, and remediate potential threats and vulnerabilities.
• Lead security incident response, including containment, remediation, root cause analysis, and thorough documentation.
• Conduct vulnerability assessments and risk analyses, remediating findings from tools like SentinelOne, penetration tests, and vulnerability scans.
• Support identity and access management through user access reviews, least-privilege controls, and role-based access.
• Assist in developing, implementing, and maintaining security policies, standards, and procedures.
• Ensure systems and processes comply with frameworks and regulatory requirements such as PCI and Zero Trust.
• Perform regular security audits and monitor adherence to established security policies.
• Ensure physical IT security controls are followed by internal staff and external vendors.
• Prepare, document, test, and maintain disaster recovery and incident response procedures.
• Provide essential on-call and after-hours support for 24/7 IT security coverage.
• Lead and support end-user security awareness training and best practice adoption.
• Collaborate with internal teams to enhance security controls while maintaining strong customer service.
• Clearly communicate security risks, incidents, and recommendations through effective written and verbal communication.

Requirements

• Proven experience in designing and evolving security architectures across cloud and on-prem environments.
• Expertise in threat detection, leading incident response, and performing root cause analysis.
• Solid knowledge of risk management and compliance with security frameworks and regulations.
• Proficiency in scripting, automation, and tooling to optimize security operations and efficiency.
• Ability to collaborate cross-functionally with IT, Engineering, Product, and Business teams.
• Strong communication skills to convey complex security information to all stakeholders.

Key skills/competency

• Security Architecture Design
• Threat Detection
• Incident Response
• Vulnerability Management
• Risk Management
• Compliance (PCI, Zero Trust)
• Identity & Access Management (IAM)
• Cloud Security
• Scripting & Automation
• Security Auditing