Info Sec Staff Engineer

Job Description

Support the implementation, operation, and maintenance of cloud and infrastructure security controls across Azure-centric environments, with exposure to AWS. Monitor security alerts and logs, perform initial investigation and triage, and escalate incidents as appropriate. Participate in security incident response activities, including containment, remediation, and post-incident reviews under guidance from senior team members. Operate and maintain security tooling, including SIEM, cloud-native security services, endpoint protection, and vulnerability scanning tools. Assist with detection engineering by maintaining and tuning alerts to improve visibility and reduce false positives. Support vulnerability management processes, including scanning, validation, remediation tracking, and re-testing. Collaborate with engineering and platform teams to implement secure configurations and infrastructure hardening best practices. Support compliance and audit activities related to SOC 1, SOC 2, ISO 27001, 27017, and 27018, including evidence collection and control verification. Develop and maintain security documentation, including procedures, runbooks, and operational guides. Participate in continuous improvement initiatives to enhance security operations efficiency and effectiveness. Stay current on security threats, vulnerabilities, and cloud security best practices, applying learnings to day-to-day work.

Qualifications

1. Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related technical field, or equivalent practical experience. 2. 4+ years of experience in information security, security operations, cloud infrastructure, or related technical roles. 3. Hands-on experience with Azure cloud environments, including basic security configuration, logging, and monitoring. 4. Familiarity with security operations concepts, including alert monitoring, incident response, and vulnerability management. 5. Basic understanding of network security, identity and access management, and infrastructure hardening principles. 6. Exposure to AWS environments or cloud-security fundamentals is a plus. 7. Experience supporting or working within regulated environments (SOC, ISO, or similar) preferred. 8. Comfort working in Linux or Windows environments, with introductory scripting or automation experience (PowerShell, Bash, Python, or similar). 9. Strong analytical mindset and eagerness to learn and grow in security engineering and operations. 10. Good written and verbal communication skills and the ability to collaborate effectively with technical teams. 11. This role is not eligible for immigration sponsorship.

Benefits

- Health insurance - Retirement plans - Paid time off - Flexible working arrangements - Professional development