Security Engineer

Job Title: Security EngineerReports to: Director of SecurityDepartment: ITJob Status: Full Time, ExemptDo you want to join a small, growing company with a strong track record and a professional culture? Can you work across the breadth of information security, from policy to operations? Are you flexible and ready to stretch your knowledge and skills? If so, then PNT Data may be for you.Position SummaryThe Security Engineer will report to the Chief Information Security Officer (CISO) and will help the CISO design and implement preventive, detective, and investigative controls to mitigate risk and meet HIPAA/HITRUST regulatory requirements.This is a fully remote position. Candidates residing anywhere in the United States are invited to apply.Job ResponsibilitiesDesign, implement, and maintain security controls within AWS, including Identity & Access Management (IAM), networking, logging, and encryption.Design, implement, and maintain security controls within an enterprise Windows environment, including logging, encryption, and access controls.Design, implement, and maintain endpoint security controls, including endpoint firewalls, endpoint detection & response (EDR), and application allow-listing.Design, implement, and maintain network security controls, including email protection, data loss prevention (DLP), intrusion detection, and firewalls.Design, implement, and maintain security controls within a Microsoft 365 environment.Help track and report on risk remediation metrics, including internal risks and third-party risk management (3PRM).Manage vulnerability scanning tools and prioritize remediation.Establish and enforce secure configuration baselines for systems and resources.Monitor security alerts and logs; investigate and respond to security incidents and suspicious activity.Improve enterprise log collection, detection, and response using SIEM, EDR, and cloud-native security tooling.Support compliance efforts with HIPAA, HITRUST, and SOC 2; assist with audits, evidence collection, and documentation.Support engineering teams with application security.Work with every business team, including finance, sales, and customer support, to ensure security requirements are understood and effectively implemented.Develop, maintain, and improve procedures, standards, and documentation.Required QualificationsThe successful candidate must be:Passionate about information security and eager to learnHumble and able to listen constructivelyCandid, courageous, and willing to speak honestlyKnowledgeable of security fundamentalsProficient in writing and verbal communicationAble to work independently, self-manage, and balance multiple responsibilitiesAble to collaborate and maintain productivity while working remotelyPreferred QualificationsIf you have at least one of these qualifications and believe that you can learn the rest on the job then you are a qualified applicant. We do not expect any one candidate to have all these skills!Three or more years of experience in security engineering, cloud security, or infrastructure securityTwo or more years hands-on AWS experience; AWS Security Specialty certification preferredExperience in designing and deploying enterprise logging and monitoring; Splunk experience preferredExperience in triaging, investigating, and resolving security alertsHands-on experience in configuring and maintaining endpoint and network security controls; Crowdstrike, Zscaler, ThreatLocker experience preferredExperience in vulnerability scanning and managementExperience with healthcare data protection requirements and working with sensitive data in regulated industriesFamiliarity with security risks and controls related to artificial intelligenceBonus QualificationsThese qualifications are not expected but are a plus.Experience using generative AI to write, debug, and test software or scriptsExperience with scripting languages such as Powershell, bash, python, perl, or similarHands-on experience operating or securing enterprise Windows environmentsExperience writing, deploying, and managing Infrastructure as Code (IaC); preferably AWS Cloud Development Kit (AWS CDK)Salary range $125,000 - $160,000 commensurate with experience.