Rehmann
Overview
Join to apply for the
Information Security Engineer
role at
Rehmann . We are seeking a talented associate to join our IT Information Security Team. This role supports security efforts including threat detection and response, vendor risk reviews, and project leadership for security tool evaluations and implementations. It will also involve collaboration with IT leadership, internal teams, and external partners to support the companys overall security strategy. How You Will Make An Impact At Rehmann
Working with a service team to meet client needs and objectives Support the development and monitoring of a strategic, comprehensive enterprise information security and IT risk management program. Collect, store, correlate, analyze, and respond to data from sensors, logs, and incident reports. Assist in implementing and monitoring Data Loss Prevention (DLP) controls to safeguard sensitive data. Continuously monitor and improve the organizations data security posture by identifying sensitive data across environments, assessing associated risks, and implementing controls to ensure compliance and reduce exposure. Lead response efforts for phishing incidents, including user communication and remediation. Develop and maintain detection playbooks and runbooks for identity/email abuse, endpoint threats, and SaaS. Execute incident response with blameless post-incident reviews; propose automation for repetitive actions with guardrails. Maintain and publish up-to-date security policies, process documentation, standards, and guidelines. Respond to and manage client and vendor security questionnaires (e.g., SIG, CAIQ) to ensure accurate representation of the organizations security posture and compliance with industry standards. Act as project lead for evaluations or implementations of security tools. Research, evaluate, and recommend security-related hardware and software; develop business cases for investments. Define and maintain baseline security configurations for operating systems, applications, mobile devices, and network equipment. Assist in preparing periodic reports for upper management by providing technical metrics, analysis, and insights on the security programs status. Assist with security audits and system checkups (e.g., user access reviews, physical walkthroughs). Perform risk reviews of potential and ongoing vendors from a data security standpoint. Liaise with compliance, audit, legal, and HR teams as required. Assist in managing and monitoring physical security systems, including access control and badge management, to ensure secure facilities and compliance with organizational security policies. Perform vulnerability and threat assessments and drive prioritized remediation. Stay current with industry trends, threats, and technologies and guide associates on security best practices and policies. Your Desired Skills, Values & Experiences
4+ years of relevant experience in IT Security or related technical role Bachelors degree in Computer Science, IT, or related field Experience with Microsoft server environments, least privilege principles, vulnerability management, domain management, application whitelisting, EDR, and SIEM Exposure to systems analysis, security solutions, application development, and infrastructure support Familiarity with multi-platform environments and their operational/security considerations Experience in large organizations with complex regulatory requirements or CPA firms preferred Programming/script writing knowledge using PowerShell, Python, API, Go, bash, etc. for Security Orchestration and Automation Response (SOAR) Clear, concise communication and collaborative approach with technical and non-technical stakeholders Ability to lead projects and influence independently with strong organizational skills and time management Understanding of modern IT infrastructure Hands-on experience with EDR and SIEM (detection tuning), vulnerability management, and scripting (PowerShell or Python) Working knowledge of identity/email security, networking fundamentals, and cloud platforms (M365/Azure or similar) Familiarity with NIST CSF 2.0, ISO/IEC 27001:2022, and SOC 2 TSC (Security) Certifications such as Security+, CySA+, GSEC, GCIH, GCIA, CEH, CISSP, CISM, CISA, CCSP, CASP+, or similar are helpful but not required Rehmann puts people first. We provide programs and benefits that encourage growth and development and align with associates needs and goals, including health-focused programs, volunteering time off, flexible work arrangements, and more. When you join Rehmann, you become part of a firm dedicated to helping Empower Your Purpose, whatever it may be. Rehmann is an Equal Opportunity Employer. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Referrals increase your chances of interviewing at Rehmann by 2x Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr
Join to apply for the
Information Security Engineer
role at
Rehmann . We are seeking a talented associate to join our IT Information Security Team. This role supports security efforts including threat detection and response, vendor risk reviews, and project leadership for security tool evaluations and implementations. It will also involve collaboration with IT leadership, internal teams, and external partners to support the companys overall security strategy. How You Will Make An Impact At Rehmann
Working with a service team to meet client needs and objectives Support the development and monitoring of a strategic, comprehensive enterprise information security and IT risk management program. Collect, store, correlate, analyze, and respond to data from sensors, logs, and incident reports. Assist in implementing and monitoring Data Loss Prevention (DLP) controls to safeguard sensitive data. Continuously monitor and improve the organizations data security posture by identifying sensitive data across environments, assessing associated risks, and implementing controls to ensure compliance and reduce exposure. Lead response efforts for phishing incidents, including user communication and remediation. Develop and maintain detection playbooks and runbooks for identity/email abuse, endpoint threats, and SaaS. Execute incident response with blameless post-incident reviews; propose automation for repetitive actions with guardrails. Maintain and publish up-to-date security policies, process documentation, standards, and guidelines. Respond to and manage client and vendor security questionnaires (e.g., SIG, CAIQ) to ensure accurate representation of the organizations security posture and compliance with industry standards. Act as project lead for evaluations or implementations of security tools. Research, evaluate, and recommend security-related hardware and software; develop business cases for investments. Define and maintain baseline security configurations for operating systems, applications, mobile devices, and network equipment. Assist in preparing periodic reports for upper management by providing technical metrics, analysis, and insights on the security programs status. Assist with security audits and system checkups (e.g., user access reviews, physical walkthroughs). Perform risk reviews of potential and ongoing vendors from a data security standpoint. Liaise with compliance, audit, legal, and HR teams as required. Assist in managing and monitoring physical security systems, including access control and badge management, to ensure secure facilities and compliance with organizational security policies. Perform vulnerability and threat assessments and drive prioritized remediation. Stay current with industry trends, threats, and technologies and guide associates on security best practices and policies. Your Desired Skills, Values & Experiences
4+ years of relevant experience in IT Security or related technical role Bachelors degree in Computer Science, IT, or related field Experience with Microsoft server environments, least privilege principles, vulnerability management, domain management, application whitelisting, EDR, and SIEM Exposure to systems analysis, security solutions, application development, and infrastructure support Familiarity with multi-platform environments and their operational/security considerations Experience in large organizations with complex regulatory requirements or CPA firms preferred Programming/script writing knowledge using PowerShell, Python, API, Go, bash, etc. for Security Orchestration and Automation Response (SOAR) Clear, concise communication and collaborative approach with technical and non-technical stakeholders Ability to lead projects and influence independently with strong organizational skills and time management Understanding of modern IT infrastructure Hands-on experience with EDR and SIEM (detection tuning), vulnerability management, and scripting (PowerShell or Python) Working knowledge of identity/email security, networking fundamentals, and cloud platforms (M365/Azure or similar) Familiarity with NIST CSF 2.0, ISO/IEC 27001:2022, and SOC 2 TSC (Security) Certifications such as Security+, CySA+, GSEC, GCIH, GCIA, CEH, CISSP, CISM, CISA, CCSP, CASP+, or similar are helpful but not required Rehmann puts people first. We provide programs and benefits that encourage growth and development and align with associates needs and goals, including health-focused programs, volunteering time off, flexible work arrangements, and more. When you join Rehmann, you become part of a firm dedicated to helping Empower Your Purpose, whatever it may be. Rehmann is an Equal Opportunity Employer. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Referrals increase your chances of interviewing at Rehmann by 2x Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr