Job Summary:
EnSafe is accepting applications for a full-time Senior Information Security Engineer. This hands-on technical role is responsible for the day-to-day operation of EnSafe’s security technologies and technical compliance controls, supporting the organization's cybersecurity initiatives.
Responsibilities:
• Managing and supporting enterprise security operations technologies to detect, investigate, and respond to cybersecurity threats and vulnerabilities.
• Monitoring, triaging, and responding to security alerts, incidents, identity risks, and endpoint threats in coordination with internal stakeholders and managed security partners.
• Supporting vulnerability and patch management activities, including risk assessment, remediation tracking, reporting, and continuous improvement of the organization's security posture.
• Administering privileged access management solutions and supporting access control, identity protection, and separation-of-duties requirements.
• Participating in incident response activities, including investigation, containment, remediation, documentation, post-incident analysis, and access reviews.
• Supporting and securing enterprise infrastructure environments, including cloud, endpoint, identity, collaboration, and directory services platforms.
• Managing and reviewing network security controls, including firewall administration, VPN technologies, network segmentation, and access management.
• Supporting cybersecurity compliance initiatives through technical control implementation, evidence collection, remediation activities, audit preparation, and ongoing compliance monitoring.
• Leading infrastructure and security projects from requirements gathering through implementation, testing, and documentation.
• Collaborating effectively with Information Technology staff, business stakeholders, managed service providers, and compliance partners to support organizational security objectives.
Qualifications:
Required:
• Eight (8) or more years of progressively responsible information technology experience, including at least four (4) years focused on cybersecurity or security operations.
• Hands-on SIEM operations experience; Sumo Logic experience strongly preferred.
• Hands-on EDR operations experience; CrowdStrike Falcon experience preferred.
• Working knowledge of NIST SP 800-171, CMMC Level 2, cybersecurity compliance frameworks, and security control implementation.
• Strong experience with Microsoft enterprise technologies, including Active Directory, Entra ID, Azure, Microsoft 365, and Intune.
• Experience with firewall administration, VPN technologies, network segmentation, and network troubleshooting.
• Privileged Access Management (PAM) administration experience.
• Scripting experience using PowerShell, Python, or similar automation tools.
• Professional cybersecurity certification such as Security+, CISSP, CISM, or equivalent.
• Strong written communication skills with the ability to create clear technical documentation, evidence packages, change records, and incident documentation.
Preferred:
• Experience supporting Defense Industrial Base (DIB) organizations or federal contractors.
• Experience supporting CMMC or NIST SP 800-171 compliance initiatives.
• CCSP, CISA, CCP, FedRAMP, or other advanced security certifications.
• Fortinet firewall administration experience.
• Experience supporting mergers and acquisitions integrations.
• Experience with insider risk management, AI governance, or related security initiatives.
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
Company:
EnSafe Provider of consulting services. Founded in 1980, the company is headquartered in Memphis, USA, with a team of 201-500 employees. The company is currently Growth Stage.