[Remote] Security Engineer II

Note: The job is a remote job and is open to candidates in USA. SCS Global Services is a pioneer in sustainability standards and certification, and they are seeking a Security Engineer II. This role is responsible for designing, implementing, and owning security controls across various layers, with a focus on operational soundness and business alignment.

Responsibilities

• Design and implement security control architectures and reference implementation patterns aligned with ISO 27001:2022 and related security frameworks (CIS, NIST CSF, MITRE ATT&CK), within established organizational standards
• Engineer and maintain assigned security controls across the following domains: Identity: Entra ID/Conditional Access/MFA/PAM, Endpoint: Intune/EDR/XDR (CrowdStrike), Workloads: Azure/AWS security/container security/CI/CD controls, Data: DLP/encryption/key management
• Develop, maintain, and operationalize security standards, baselines, and reference architectures in partnership with IT and application stakeholders
• Perform threat modeling (STRIDE) and risk assessments for new systems and material changes, translating findings into actionable security controls and remediation recommendations
• Lead security discovery and integration activities for new and existing environments, including current state assessment, gap analysis, and development of prioritized remediation plans
• Proactively identify security improvement opportunities, propose viable solutions, and execute approved work items to completion
• Integrate and optimize security tooling, including log source onboarding, alert tuning, and workflow automation
• Partner with Development and Application teams to embed security by design
• Support audit and compliance activities related to ISO 27001:2022, including evidence collection and control implementation validation

Skills

• Bachelor's Degree in computer science, information systems, or a related field, or equivalent work experience
• 6+ years of IT Experience
• 3+ years in an IT Security or Security Engineering role
• Strong practical knowledge of systems and infrastructure engineering (Windows/Linux fundamentals, networking, cloud architecture, identity, and common enterprise services) to make sound security recommendations and assess operational impact
• Proven ability to scope security improvements into actionable work items, estimate level of effort, and partner with infrastructure/application owners to drive implementation
• Cloud security experience (Azure preferred)
• Experience with scripting and infrastructure as code for security automation and control deployment (PowerShell, Terraform, ARM/Bicep) to implement at scale
• Experience with a MDR/vSOC provider and integrating EDR telemetry and incident workflows (CrowdStrike preferred)
• Strong understanding of Identity and Access Management (IAM) concepts and implementations
• Working knowledge of industry security frameworks and standards, including ISO 27001:2022 (preferred), NIST CSF, CIS Controls, and MITRE ATT&CK, and their application to security control design
• Demonstrated ownership mindset: able to work from broad direction, handle ambiguity, prioritize, and drive work to completion
• Practical experience implementing security controls within Azure/M365 environments
• Experience with SIEM platforms, including log onboarding, detection tuning, and workflow integration (Microsoft Sentinel preferred)
• Strong analytical skills with the ability to translate security and infrastructure risk into practical technical controls
• Microsoft Azure Security Engineer
• Microsoft Azure Administrator
• Microsoft Azure Architect
• Certified Cloud Security Professional (CCSP)

Benefits

• At this time, SCS Global Services is recruiting all open roles to be remote; allowing our employees the ability to work flexibly and allowing SCS as a company to diversify the experience and perspectives of our growing workforce. This role will be based out of your home office.

Company Overview

Company H1B Sponsorship