Job Description
Location: Herndon, VA (On-site preferred; Potential for Hybrid or Remote working based on practicality of a daily commute)
Position: Mid-Senior Level InfoSec Engineer
Job Type: Full-time
Assured Data Protection is a global leader in data backup and disaster recovery managed services, specializing in safeguarding against data loss and downtime in the event of a disaster, cyber, or ransomware attack. Our fully managed services include immutable backup, disaster recovery, and cyber resiliency to protect data on-premises and in the cloud, with 24/7/365 expert support.
We offer a flexible, consumption-based model to grow with your business, making data protection cost-effective and scalable. Our purpose-built software provides industry-leading monitoring and reporting capabilities to provide actionable insights into your data protection strategy. Our global data centers ensure data sovereignty, meeting your organization’s compliance requirements. A dedicated team is always available to recover your data and minimize disruption in the event of a disaster.
Job Summary:
We are seeking a Mid-Senior Level InfoSec Engineer to support and enhance our security operations. This role involves contributing to strategic and operational security initiatives, working hands-on with infrastructure and application teams to protect the integrity, confidentiality, and availability of enterprise systems. The ideal candidate will bring deep technical expertise and a proactive approach to security improvements while working closely with the Infrastructure, Implementations, and Solutions teams.
Key Responsibilities:
Security Operations and Incident Handling
Monitor and review complex security alerts in the SIEM platform, including configuring and adding detection rules and automation.
Participate in incident response and root cause analysis as part of the Global InfoSec team.
Support advanced log analysis and correlation for threat hunting.
System Security and Patching
Lead efforts in patch management for servers, endpoints, and network devices.
Enforce and enhance patch compliance and reporting standards.
Collaborate on vulnerability remediation strategies and timelines.
Firewall and Network Security
Design, review, and optimize firewall rules and VPN configurations.
Conduct periodic firewall audits to identify misconfigurations and compliance issues.
Document network security changes and assist with architectural improvements.
Collaboration and Security Projects
Participate in security-focused infrastructure and application projects.
Work closely with the Infrastructure, Implementations, and Solutions teams to align technical deployments with security controls.
Evaluate, test, and recommend new security tools and technologies.
Contribute to the development and enhancement of security documentation and playbooks.
Learning and Development
Stay current with emerging threats, tactics, and security technologies.
Actively contribute to internal knowledge sharing within the InfoSec team.
Compliance and Governance
Assist in preparing evidence and maintaining controls for audits such as SOC 2, ISO 27001, and other compliance frameworks as required.
Required Experience:
5+ years of experience in a cybersecurity or infrastructure security role.
Demonstrated expertise in firewall management, SIEM operations, and endpoint protection.
Strong understanding of patch management, vulnerability management, and remediation practices.
Proficiency in securing Windows and Linux (especially Debian) environments.
Experience working in enterprise or multi-site environments.
Familiarity with SOC 2, ISO 27001, or similar compliance frameworks.
Extensive experience with Azure cloud security controls and architecture, including identity and access management, network security, and compliance monitoring.
Experience with vulnerability scanning and management tools (e.g., Tenable, Qualys, Rapid7).
Preferred Experience:
Experience with Fortinet firewalls and associated security technologies.
Proficient in scripting (e.g., PowerShell, Python) for automation of security monitoring, patching, or configuration tasks.
Experience with other cloud platforms (e.g., AWS) and hybrid-cloud security models.
Familiarity with infrastructure-as-code and configuration management tools (e.g., Terraform, Puppet, Chef, Ansible).
Experience participating in internal or external security audits or assessments.
Participation in red/blue/purple team exercises.
Understanding of secure SDLC practices and code review (especially for API/backend services).
Knowledge of zero trust architecture principles.
Personal Attributes
Detail-oriented with a focus on process accuracy and compliance.
Collaborative and team-oriented, capable of working with peers across functions.
Strong analytical and problem-solving skills.
Effective communicator with the ability to clearly explain technical risks and recommendations.
Available for occasional travel as well as occasional on-call support during high-priority incidents.
What We Offer:
Competitive salary and performance-based incentives
Comprehensive benefits package, including health, dental, and vision insurance
401K program with company matching
Generous paid time off
A dynamic, inclusive, and collaborative work environment
At Assured Data Protection we value diversity and inclusivity. We offer perks such as flex holidays, robust 401k plan, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.