Security Engineer

Job Summary: We are looking for a detail-oriented Security Engineer to protect the confidentiality, integrity, and availability of our systems and support our compliance efforts. You will help design, implement, and maintain security controls, systems, and programs. You will work closely with IT, DevOps, Technical Services, R&D, and compliance teams to mitigate risks to our services and meet or exceed framework and standard requirements, including the SOC 2 Trust Service Criteria and CJIS Information Security Policy. Job Description: Responsibilities Deploy and manage security platforms, including SIEM, EDR, PAM, Vulnerability Scanners, Patch Management, Firewalls, IAM, SEG, and Web Filters Monitor systems for security events; investigate and respond to incidents Coordinate and manage vulnerability remediation efforts Collaborate with IT and product teams to incorporate appropriate security into cloud and on premises systems; automate security controls using IaC and configuration management tools Work with R&D to integrate security best practices into the software development lifecycle (SDLC), including secure coding standards and DevSecOps practices Create and maintain technical documentation for security architecture and processes Participate in risk assessments and recommend mitigation strategies Work with business units to implement policy and compliance requirements Train colleagues in the use of security technologies relevant to their functions Stay current on emerging threats and vulnerabilities Support security audits and evidence collection for SOC 2 Maintain compliance documentation and help drive security best practices Participate in disaster recovery planning and testing Support the secure design, deployment, and monitoring of AI and machine learning systems, ensuring appropriate data privacy, access control, and model integrity Qualifications Bachelor's degree in information systems or related field (or equivalent experience) 5+ years of experience in information security, systems administration, or related roles Relevant professional certifications (e.g., GIAC GCIH/GSOC, ISC2 CCSP/CISSP, AWS Practitioner/Certified Security) Strong knowledge of AWS cloud infrastructure and security best practices Familiarity with security tools and system monitoring (SIEM, EDR, PAM, Vulnerability Scanners, Patch Management, Firewalls, IAM, SEG, and Web Filters) Demonstrated technical design and implementation capabilities for hybrid cloud, compute, and shared storage platforms in an enterprise environment Experience with installation, configuration, and administration of a broad range of infrastructure platforms: virtualized server/compute systems, high availability and disaster recovery designs, network and security integration, storage infrastructure, and operational tools Familiarity with application security and API security, including common vulnerabilities and best practices for security design, testing, and remediation Familiarity with scripting or programming (Python, PowerShell, Bash, etc.) Experience with SOC 2 TSC, ISO 27001, CJIS ISP, NIST CSF, CIS, or similar frameworks Ability to work both independently and on a team Ability to communicate security concepts clearly to technical and non-technical stakeholders Ability to collaborate with cross-functional teams and auditors Excellent documentation and verbal/written communication skills Detail-oriented with strong problem-solving and troubleshooting abilities To meet CJIS information security policy requirements, candidate must be a U.S. Person able to pass an FBI criminal history check Possible travel (approximately 5%) May provide after-hours support for incidents Preferences Experience with AWS cloud platforms Hands-on experience with monitoring/logging tools (e.g., Datadog, Splunk, CloudWatch) Solid understanding of AICPA Trust Service Criteria for SOC 2 Experience with the Criminal Justice Information Services (CJIS) Security Policy Proficiency in system administration (Linux/Windows) Knowledge of network security principles and firewalls Strong documentation and reporting skills Worker Type: Regular Number of Openings Available: 1 About Us We are driven by a justice system that instills confidence through its processes and is accessible to all citizens. Like you, e quivant aims to embrace community while advancing justice and deliver better outcomes to all who touch the justice system. We do this through our deep domain knowledge, modern technologies, and expert services that help promote public and individual safety by informing decisions at every step. As fellow stewards of justice, equivant is committed to your mission and we value your ideals. Our people operate with fairness and integrity, believing that there is no such thing as good enough . The equivant group of companies is an equal opportunity employer, we recruit, hire, train, promote and provide all other privileges of employment to qualified people without regard to age, race, color, creed, national origin, gender, gender identity, gender expression, disability, marital status, veteran status, citizenship status, ethnicity, familial status, religion, sexual orientation or any other classification for which discrimination is prohibited. #J-18808-Ljbffr