Security Engineer 2
Job Description
The Security Engineer (Level 2) designs, implements, and maintains security controls for the organization and its client environments. The role leads projects, manages incident response, and ensures adherence to industry standards and state regulations, while guiding junior staff and collaborating with clients.
Responsibilities
- Design and implement security controls and architectures tailored to client environments
- Incorporate cybersecurity best practices into development and deployment lifecycles
- Maintain security tools, processes, and policies aligned with industry standards such as NIST, CIS, ISO 27001, HIPAA, and PCI DSS
- Conduct and lead vulnerability assessments and penetration testing, directing remediation efforts
- Oversee incident response, including stakeholder communications and compliance with Arizona breach notification laws, followed by post-incident reviews
- Develop and update security policies and provide training for internal staff and clients
- Mentor junior security engineers and supervise security-focused projects
- Monitor security alerts and events using SIEM and related tools
- Support patch management across client environments
- Investigate and report potential vulnerabilities or breaches
- Prepare regular security reports for senior management and clients
- Assist with audits and regulatory compliance efforts
- Collaborate with sales and account teams to assess client security needs and design solutions
- Implement automation and advanced tools such as MFA and encryption to scale security across multiple clients
Requirements
- Strong analytical and problem-solving abilities
- Excellent communication skills, with the ability to explain security concepts to technical and non-technical audiences
- Strong collaboration and client-facing capabilities
- Familiarity with security frameworks including NIST, CIS, and ISO 27001
- Cloud security knowledge across AWS and Azure
- Understanding of common attack vectors and mitigation techniques
- Knowledge of HIPAA and PCI DSS compliance requirements
- Experience with automation in multi-client environments
Technologies
- AWS, Azure
- SIEM, MFA, encryption
- Operating systems: Windows, Linux, MacOS
- Networking: TCP/IP, HTTP, DNS
- Security controls: Firewalls, IDS/IPS
- Vulnerability management tools
- Compliance frameworks: NIST, CIS, ISO 27001, HIPAA, PCI DSS
Benefits
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Vision insurance
About the Role
The Security Solutions Engineer, Level 2, designs, implements, and maintains security solutions that protect both the organization and its clients. The role leads projects, manages incident response, ensures compliance with industry standards and state laws, including Arizona data breach notification requirements, and mentors junior staff. It blends hands-on technical work with client-facing collaboration to uphold a proactive security posture across multiple client environments.
Skills & Abilities
- Strong analytical and problem-solving skills
- Excellent communication skills for technical and non-technical audiences
- Strong collaboration and client-facing capabilities
- Familiarity with security frameworks (NIST, CIS, ISO 27001)
- Cloud security knowledge (AWS, Azure)
- Understanding of attack vectors and mitigation techniques
- Knowledge of HIPAA and PCI DSS
- Experience with automation in multi-client environments
Preferred Background
- Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent experience
- Certifications such as Security+, CEH, CASP, SSCP, CISSP, or CISM
- 4–6 years of cybersecurity experience, including at least 2 years as a Security Engineer
- Familiarity with NIST, CIS, ISO 27001 and cloud platforms (AWS, Azure)
- Knowledge of network protocols (TCP/IP, HTTP, DNS)
- Experience with firewalls, IDS/IPS, and vulnerability management tools
- Operating systems experience across Windows, Linux, and MacOS
- Background in an MSP or multi-client environment is highly desirable
- Awareness of Arizona data breach notification laws is a plus
Equal Opportunity Employer
One Step is an Equal Opportunity Employer. The company provides equal employment opportunities to all employees and applicants and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, political affiliation, marital status, genetics, protected veteran status, sexual orientation, gender identity, or other non-merit factors.
Job Type
Full-time
Pay
USD 80,000 - 85,000 per year
Location and Work Details
Location: Phoenix, Arizona (onsite)
Ability to commute: Phoenix, AZ 85027 (Required)
Work location: In person