Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Engineer at Coterie enhancing security operations and access management in cloud-native environments. Collaborating with teams to conduct access reviews and manage privileged access programs.
Responsibilities:
- Run Coterie’s recurring user access reviews under the direction of the Principal Security Architect, coordinating with system owners to certify access and remove stale or over-provisioned entitlements across our environments
- Gather, organize, and validate evidence to support compliance testing and audits, following established procedures to build evidence packets that trace access and changes from request through approval
- Administer our privileged access management program with oversight, focusing on endpoint privilege management, operating local administrator elevation, least-privilege policies, and just-in-time access on endpoints within approved guardrails
- Support time-bound, approved, and reviewed privileged access through Azure Privileged Identity Management (PIM), including role assignments and periodic recertification of privileged identities
- Triage and respond to security operations alerts from our SIEM and endpoint tooling under the guidance of senior engineers, escalating, documenting, and helping close out incidents
- Run the day-to-day administration of our security awareness program, including building, scheduling, and reporting on phishing simulations and assigning follow-up training
- Follow and maintain the procedures, standards, and documentation the team has established for access reviews, privileged access, and related security operations workflows
- Utilize a risk-based approach to your day-to-day work and surface pain points and recommend continuous-improvement ideas for these programs and processes
- Partner with IT operations, engineering, and compliance teams to help close access and process gaps and mature Coterie’s security posture
- Take on other security operations tasks that support the team, such as detection tuning, vulnerability remediation tracking, and tooling evaluations, as directed and as priorities shift
Requirements:
- 3–5 years of experience in security operations, identity/access administration, or a related technical role
- Experience with cloud-native enterprise services
- Solid understanding of identity and access management concepts, including authentication, authorization, least privilege, and role-based access control
- Hands-on experience with privileged access management, with specific experience in endpoint privilege management (managing local administrator rights and elevation)
- Experience running or supporting access reviews and access certifications, and removing unneeded access
- Familiarity with compliance frameworks (e.g., SOC 1, SOC 2, SOX) and supporting the collection of audit evidence
- Comfortable triaging alerts from a SIEM or endpoint security tooling and following documented response procedures
- Experience administering or supporting a security awareness or phishing simulation platform
- Comfortable operating established programs and processes under direction, while contributing ideas to improve them
- Self-motivated, detail-oriented, organized, and able to manage recurring deadlines across multiple workstreams
- Exceptional written and verbal communication, with the ability to document processes clearly.
Benefits:
- 100% remote
- Health insurance through Aetna (we pay 100% of premiums)
- Dental and vision insurance through Guardian (we pay 100% of premiums)
- Basic life insurance (we pay 100% of premiums)
- Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)
- 401K plan (up 4% match with immediate vest). Must be 21 years of age or older to participate
- Flexible PTO policy offering employees up to 4 weeks of PTO in their first 12 months. Thereafter, PTO usage aligns with company standards and typically does not exceed 5 weeks per calendar year.
- 12 company-paid holidays each year
- Continuing education annual stipend
Similar Jobs
Azure Data Security Engineer
Data Security Engineer focusing on cloud data security for U.S. client. Joining a multinational team with a Swiss background.
Senior Product Security Engineer
Senior Product Security Engineer at Nexthink responsible for managing FedRAMP cloud security and automation processes. Collaborating with teams to enhance incident response and security architecture.
Security Engineer – Cybersecurity Posture, Hygiene & AI Enablement
Security Engineer enhancing AbbVie’s cybersecurity posture in a collaborative tech team. Implementing security controls, solutions, and working with AI for improved outcomes.
Security Technik Administrator
Security Technik Administrator responsible for security processes and technical support in ICT operations at Deutsche Telekom. Involves administrative tasks, testing, and procurement.
Senior Manager, Application Security
Senior Manager leading Application Security initiatives in innovative technology for real estate at First American. Embedding security into product delivery and mentoring a high-performing AppSec team.
Director – Offensive Security, Red Team
Director of Offensive Security at FICO. Leading the proactive security strategy across Red Teaming, Threat Intelligence, and Threat Hunting with an AI-first mindset.
Security Director
Security Director responsible for consulting on risk management and security solutions for clients in the Northeastern US. Driving revenue growth and enhancing partnership relationships with stakeholders.
IAM Security Consultant
IAM Security Consultant responsible for managing user identities and access rights across IAM platforms. Collaborating with international teams in a large IT environment from Brazil with remote work.
Network Security Engineer, III
Network Security Engineer III executing advanced security protocols within multicloud environments. Collaborating with infrastructure teams to ensure robust security measures across various platforms.
Principal Cybersecurity Engineer
Principal Cybersecurity Engineer focusing on Governance, Risk, and Compliance at DIRECTV. Leading enterprise-level GRC programs and mentoring cybersecurity professionals.
Director, Physical Security
Director of Physical Security responsible for managing security across GAF's eastern US sites. Leading physical security efforts and developing programs to mitigate risks at multiple locations.
Contract Security, Compliance, Access Analyst
Program Analyst Senior managing compliance and security operations for IHS Electronic Health Records Modernization program. Collaborating with security teams and ensuring personnel access policies are met.
AWS Cloud Security, ICAM Specialist
AWS Cloud Security and ICAM Specialist supporting Case Management Modernization for the U.S. Courts. Designing and managing authentication frameworks within cloud environments.
Infrastructure Security Team Lead
Lead the Infrastructure Security Team at SOFTSWISS, an international iGaming company. Responsible for defining security strategies, priorities, and team development in a remote setting.
Identity Security Engineer – ITDR, CSPM
CrowdStrike Identity Security Engineer managing ITDR and CSPM capabilities for a federal agency. Leading threat detection and response efforts with extensive CrowdStrike platform experience.
Senior Analyst, Information Security Compliance
Senior Analyst for managing information security compliance initiatives at Kontoor Brands. Collaborating with various teams to support regulatory compliance across iconic denim brands.
Corporate Security Engineer – IAC & Automation
Corporate Security Engineer leading design and optimization of security infrastructure at OnePay. Focusing on automation, data protection, and collaboration across IT and security teams.
Senior Manager – Offensive Security
Senior Manager leading offensive security services at Cyber Advisors, focusing on threat-driven risk assessments and remediation activities. Mentoring teams and enhancing security methodologies.
Senior Software Developer, Application Security
Senior Software Developer focusing on Application Security for healthcare technology projects. Responsible for implementing secure development practices and identifying security risks.
Ingeniero de Seguridad
Security Engineer at Stefanini with focus on security controls, incident responses, and compliance. Requires 4-6 years of experience in similar roles with strong technical skills.