Security Vulnerability Engineer

Security Vulnerability Engineer - IAM / DNS / AD / PKI / PatchingNote: All Mandatory qualifications must be met on the resume for the candidate to quality. Mandatory:Developing and implementing technical solutions Mitigating security vulnerabilitiesTechnical Experience (Minimum 1 Year)Experience in at least one of the following: Identity and Access Management (IAM)Enterprise DNSActive DirectoryGroup PolicyPublic Key Infrastructure (PKI)Patching & upgrading systemsLocation: Remote (Preferred: California or West Coast – Pacific Time)Duration: 2-year contract with 1-year extension (up to 3 years total)Position OverviewWe are seeking a Security Engineer / Security Engineering SME to support a large-scale Patch and Configuration Management initiative. This role will focus on strengthening enterprise security posture through the design, implementation, and optimization of security controls and vulnerability mitigation strategies across critical infrastructure systems.This is a hands-on engineering role with a strong emphasis on identity, access, and enterprise security technologies, as well as system hardening, patching, and configuration management.While the role is remote, candidates located in California (especially Sacramento) or the West Coast are highly preferred to support Pacific Time collaboration and occasional on-site meetings if needed.Key ResponsibilitiesDesign and implement technical security solutions to mitigate vulnerabilities across enterprise systemsSupport patching, upgrades, and configuration management processes to maintain system security and complianceImplement and manage Identity and Access Management (IAM/IdAM) controlsAdminister and secure enterprise services such as:Active DirectoryDNSGroup PolicyPublic Key Infrastructure (PKI)Enforce security policies, access controls, and governance frameworksIdentify and remediate security gaps through proactive monitoring and vulnerability analysisCollaborate with infrastructure, DevOps, and application teams to ensure secure system design and operationsContribute to documentation, architecture reviews, and security best practicesMandatory Qualifications7+ years (FTE) of experience in Security Engineering or related fieldProven experience:Developing and implementing technical security solutionsMitigating security vulnerabilities in enterprise environmentsEducation:Bachelor’s degree in IT, Engineering, or related field(Equivalent experience may be considered in lieu of degree)Technical Experience (minimum 1 year in at least one area):Identity and Access Management (IdAM/IAM)Enterprise DNSActive DirectoryGroup PolicyPublic Key Infrastructure (PKI)Patching & system upgradesDesired QualificationsSecurity & Technology Certifications (highly preferred):CISSPCompTIA Security+CCSPCCNAVMware certifications or equivalentAdditional experience in:Identity & Access Management (IdAM)Enterprise DNS and directory servicesActive Directory administrationGroup Policy managementPKI technologiesPatching and upgrade strategiesAdditional years of relevant experience beyond minimum requirementsLocation & Work EnvironmentRemote-first roleMust be able to work Pacific Time hoursPreferred: Candidates located in California or West CoastNice to have: Ability to attend occasional on-site meetings in Sacramento, CAIdeal Candidate ProfileStrong enterprise security engineering background (not just compliance)Hands-on experience with infrastructure security technologiesComfortable working in complex, regulated environmentsAble to balance security, operations, and system performanceStrong communicator who can work cross-functionally with technical teams