IT & Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
IT & Security Engineer responsible for architecture, hands-on delivery, and technical leadership at GovWorx. Focused on security operations, identity management, and compliance in a remote setting.
Responsibilities:
- Own architecture strategy and hands-on delivery for IT & Security engineering initiatives.
- Translate security and IT objectives into actionable workflows, automation patterns, and documentation.
- Mentor team members on technical troubleshooting, configuration, and best practices; foster a security-first culture.
- Evaluate and recommend technologies to improve security posture, service reliability, and operational efficiency.
- Own end-to-end identity lifecycle management using Okta as the primary IAM platform.
- Maintain and refine RBAC/ABAC models, least-privilege controls, and provisioning workflows.
- Implement and support SSO, MFA, SCIM, conditional access, and session security controls.
- Conduct periodic access reviews and maintain audit documentation for GovWorx compliance frameworks.
- Serve as SME for Jamf (macOS) and Intune (Windows): secure baselines, configuration profiles, provisioning, and compliance enforcement.
- Maintain Zero Trust device posture: encryption, patching, MDM enforcement, automated remediation, and application access controls.
- Manage and tune the EDR deployment for detection quality and incident readiness.
- Deploy self-service endpoint capabilities to minimize employee friction and ensure timely application access.
- Maintain centralized logging and monitoring pipelines across identity, endpoint, and SaaS systems.
- Create and refine detection alerts for high-signal, low-noise event visibility.
- Lead technical investigation during security events: evidence gathering, forensic analysis, containment, and remediation recommendations.
- Collaborate with the Head of IT & Security on incident prioritization, communication, and business-impact decisions.
- Maintain and optimize core SaaS, collaboration, and IT platforms for reliability and scalability.
- Own hardware and software lifecycle management: procurement, deployment, inventory, and secure decommissioning.
- Maintain and regularly test backup, continuity, and disaster recovery processes.
- Maintain system diagrams, runbooks, SOPs, and internal knowledge articles.
- Support GovWorx compliance frameworks through control enforcement, audit evidence collection, and documentation.
- Maintain SaaS application and OAuth integration inventory; review and control privileged access and scope boundaries.
- Manage lifecycle of service accounts, API keys, certificates, and secrets; enforce secure storage and automated rotation.
- Assist in vendor security evaluations, risk assessments, and risk register contributions.
Requirements:
- 5+ years of experience in IT, security engineering, or a combined technical role.
- Hands-on expertise with Okta (SSO, SCIM, MFA, lifecycle management) and RBAC/ABAC access models.
- Proficiency with Jamf Pro and Microsoft Intune for endpoint management and compliance enforcement.
- Experience with EDR platforms, SIEM tooling, and centralized logging infrastructure.
- Working knowledge of Zero Trust architecture principles and their practical application.
- Experience supporting compliance frameworks (SOC 2, NIST, ISO 27001, or similar).
- Familiarity with incident response practices, forensic analysis, and chain-of-custody procedures.
- Ability to write and maintain scripts or automation (Python, Bash, or equivalent) for operational tasks.
- Strong written and verbal communication; able to translate technical concepts for non-technical stakeholders.
- U.S. citizen or authorized to work in the United States.
Benefits:
- Health Benefits
- Flexible Time Off
Similar Jobs
Security Controls Assessor
Senior Security Controls Assessor evaluating MARAD information systems for compliance with cybersecurity standards. Supporting ATO decisions and developing assessment documentation in the United States.
Head of Infrastructure – Security
Head of Infrastructure & Security at Albert, focusing on enterprise-grade infrastructure and security. Establishing a cloud architecture strategy while managing a global SRE organization.
AI Security Consultant
AI Security Consultant identifying and mitigating risks in AI models and data pipelines at IOActive. Collaborating with technical teams to secure AI systems and deliver best practices.
Ethical Hacker – Hardware
Ethical Hacker - Hardware conducting security assessments of embedded and IoT devices at cybersecurity firm Packetlabs. Engaging with clients to improve security through hands-on penetration testing and reporting.
Cybersecurity Executive
Cybersecurity Executive driving growth, operational excellence, and product innovation at Partner One. Leading cybersecurity organization serving enterprise and government customers worldwide.
Security Engineer, TS/SCI Required
Security Engineer responsible for integrating Accrete AI products into client environments with rigorous security protocols and processes. Collaborating closely with cloud security management and addressing unique client security needs.
Director, Cybersecurity Engineering
Director of Cybersecurity Engineering leading enterprise cybersecurity design and strategy at Convera. Operating in a highly regulated financial environment with a focus on advanced security practices.
Director, Security Delivery – Physical Security
Director overseeing end-to-end post-sale security delivery operations for Genea. Leading teams for physical security and access control while driving growth and customer success.
Information System Security Officer – Cloud Data Platform
Information System Security Officer responsible for cybersecurity and compliance in Microsoft Azure cloud platform for federal client. Leading security activities and ensuring compliance with federal frameworks.
Security Compliance Policy and Guide Writer
Seeking Security Compliance Policy and Guide Writer to document cybersecurity controls for government client. A role ensuring compliance with federal security requirements and producing operational documentation.
Information Systems Security Officer – Part-time
Information Systems Security Officer managing IT security and protecting sensitive information for federal clients. Leading risk management and compliance efforts while collaborating with various stakeholders.
Security & Compliance Engineer
Security & Compliance Engineer for ARGO-HYTOS Group. Ensuring information security and compliance in a global IT environment.
Virtual Chief Information Security Officer – vCISO
Virtual Chief Information Security Officer leading information security and compliance initiatives at a healthcare platform. Ensuring secure technology systems and serving as a strategic advisor to leadership.
Senior Security Engineer
Senior Security Engineer focused on securing infrastructure through technology deployment and incident response for a digital asset protection at ARC-One Solutions.
Azure Solutions, Security Architect
Azure Solutions Architect leading security-focused Azure cloud solutions at Ascend Technologies. Designing scalable architectures, ensuring compliance, and mentoring teams in Agile environments.
Presales Security Expert – National Partners
Presales Security Expert supporting and enabling Fortinet's Canadian partners with solutions and technical improvements. Involving multi-team collaboration and direct partner engagement for effective results.
Senior Information Security Engineer
Senior Information Security Engineer responsible for implementing security solutions for enterprise environments. Collaborating with teams to enhance security architecture and manage stakeholder relationships.
Intern, Blue Team
Internship position in Cyber Security at It4us focusing on Blue Team operations and security analysis. Supporting various tasks involving Linux, development, and threat monitoring.
Security Engineer – Client Consulting
Threat Protection Security Engineer at Cyclotron deploying Microsoft Defender and Sentinel for enterprise organizations. Collaborating with security engineers to improve protection of Microsoft-based assets in cloud and on-premises environments.
Security Controls Assessor – OSCAL, Part Time
Security Controls Assessor conducting security compliance assessments and reports for U.S. Government and Commercial clients. Required experience with OSCAL and NIST guidelines.