InfoSec Engineer
Herndon, VA
Full Time
Experienced
Location: Herndon, VA (On-site preferred; Potential for Hybrid or Remote working based on practically of a daily commute)
Position: Mid-Senior Level InfoSec Engineer
Job Type: Full-time
Assured Data Protection is a global leader in data backup and disaster recovery managed services, specializing in safeguarding against data loss and downtime in the event of a disaster, cyber, or ransomware attack. Our fully managed services include immutable backup, disaster recovery, and cyber resiliency to protect data on-premises and in the cloud, with 24/7/365 expert support.
We offer a flexible, consumption-based model to grow with your business, making data protection cost-effective and scalable. Our purpose-built software provides industry-leading monitoring and reporting capabilities to provide actionable insights into your data protection strategy. Our global data centers ensure data sovereignty, meeting your organization’s compliance requirements. A dedicated team is always available to recover your data and minimize disruption in the event of a disaster.
Job Summary:
We are seeking a Mid-Senior Level InfoSec Engineer to support and enhance our security operations. This role involves contributing to strategic and operational security initiatives, working hands-on with infrastructure and application teams to protect the integrity, confidentiality, and availability of enterprise systems. The ideal candidate will bring deep technical expertise and a proactive approach to security improvements while working closely with the Infrastructure, Implementations, and Solutions teams.
Key Responsibilities:
#LI-EL1
Position: Mid-Senior Level InfoSec Engineer
Job Type: Full-time
Assured Data Protection is a global leader in data backup and disaster recovery managed services, specializing in safeguarding against data loss and downtime in the event of a disaster, cyber, or ransomware attack. Our fully managed services include immutable backup, disaster recovery, and cyber resiliency to protect data on-premises and in the cloud, with 24/7/365 expert support.
We offer a flexible, consumption-based model to grow with your business, making data protection cost-effective and scalable. Our purpose-built software provides industry-leading monitoring and reporting capabilities to provide actionable insights into your data protection strategy. Our global data centers ensure data sovereignty, meeting your organization’s compliance requirements. A dedicated team is always available to recover your data and minimize disruption in the event of a disaster.
Job Summary:
We are seeking a Mid-Senior Level InfoSec Engineer to support and enhance our security operations. This role involves contributing to strategic and operational security initiatives, working hands-on with infrastructure and application teams to protect the integrity, confidentiality, and availability of enterprise systems. The ideal candidate will bring deep technical expertise and a proactive approach to security improvements while working closely with the Infrastructure, Implementations, and Solutions teams.
Key Responsibilities:
- Security Operations and Incident Handling
- Monitor and review complex security alerts in the SIEM platform, including configuring and adding detection rules and automation.
- Participate in incident response and root cause analysis as part of the Global InfoSec team.
- Support advanced log analysis and correlation for threat hunting.
- System Security and Patching
- Lead efforts in patch management for servers, endpoints, and network devices.
- Enforce and enhance patch compliance and reporting standards.
- Collaborate on vulnerability remediation strategies and timelines.
- Firewall and Network Security
- Design, review, and optimize firewall rules and VPN configurations.
- Conduct periodic firewall audits to identify misconfigurations and compliance issues.
- Document network security changes and assist with architectural improvements.
- Collaboration and Security Projects
- Participate in security-focused infrastructure and application projects.
- Work closely with the Infrastructure, Implementations, and Solutions teams to align technical deployments with security controls.
- Evaluate, test, and recommend new security tools and technologies.
- Contribute to the development and enhancement of security documentation and playbooks.
- Stay current with emerging threats, tactics, and security technologies.
- Actively contribute to internal knowledge sharing within the InfoSec team.
- Compliance and Governance
- Assist in preparing evidence and maintaining controls for audits such as SOC 2, ISO 27001, and other compliance frameworks as required.
- 5+ years of experience in a cybersecurity or infrastructure security role.
- Demonstrated expertise in firewall management, SIEM operations, and endpoint protection.
- Strong understanding of patch management, vulnerability management, and remediation practices.
- Proficiency in securing Windows and Linux (especially Debian) environments.
- Experience working in enterprise or multi-site environments.
- Familiarity with SOC 2, ISO 27001, or similar compliance frameworks.
- Extensive experience with Azure cloud security controls and architecture, including identity and access management, network security, and compliance monitoring.
- Experience with vulnerability scanning and management tools (e.g., Tenable, Qualys, Rapid7).
- Experience with Fortinet firewalls and associated security technologies.
- Proficient in scripting (e.g., PowerShell, Python) for automation of security monitoring, patching, or configuration tasks.
- Experience with other cloud platforms (e.g., AWS) and hybrid-cloud security models.
- Familiarity with infrastructure-as-code and configuration management tools (e.g., Terraform, Puppet, Chef, Ansible).
- Experience participating in internal or external security audits or assessments.
- Participation in red/blue/purple team exercises.
- Understanding of secure SDLC practices and code review (especially for API/backend services).
- Knowledge of zero trust architecture principles.
- Personal Attributes
- Detail-oriented with a focus on process accuracy and compliance.
- Collaborative and team-oriented, capable of working with peers across functions.
- Strong analytical and problem-solving skills.
- Effective communicator with the ability to clearly explain technical risks and recommendations.
- Available for occasional travel as well as occasional on-call support during high-priority incidents.
- Competitive salary and performance-based incentives
- Comprehensive benefits package, including health, dental, and vision insurance
- 401K program with company matching
- Generous paid time off
- A dynamic, inclusive, and collaborative work environment
#LI-EL1
Apply for this position
Required*