Senior Information Security Engineer

Looking for a meaningful next step in your cybersecurity career? Bring your cybersecurity expertise to Cary! You’ll engineer advanced defenses, strengthen core infrastructure, and protect the critical systems that keep essential public services operating securely and reliably. This is your chance to lead high impact security initiatives, shape long term strategy, and strengthen the trust our community places in us.

The Senior Information Security Engineer serves as the operational and technical lead for Cary’s information security program. This position is responsible for leading day-to-day security operations, leading security engineering staff, and ensuring the effective implementation, operation, and continuous improvement of cybersecurity controls across the Town’s enterprise environment.

Working under the direction of the Chief Information Security Officer (CISO), the Senior Information Security Engineer translates strategic security objectives into operational execution, leads incident response activities, and drives security tooling and process execution. This role has a critical focus on protecting public safety systems, including Police, Fire, and other life‑safety technologies, and ensuring compliance with CJIS and other regulatory requirements.

This role also provides cybersecurity oversight and operational security leadership for industrial control systems and operational technology (OT), including SCADA environments supporting Town utilities and critical services.

The Senior Information Security Engineer acts as the primary operational security leader during cybersecurity incidents when the CISO is unavailable and represents information security within technical and operational forums. The position is expected to collaborate across technical teams, provide mentorship and technical guidance to junior security staff, and contribute to the long‑term maturity of the Town’s cybersecurity program.

If you’re driven by purpose, energized by complex challenges, and ready to make a meaningful difference across our organization and community, we want you on our team!

• Leads day‑to‑day cybersecurity operations for the Town, ensuring effective monitoring, detection, response, and recovery activities.
• Provide technical leadership and guidance to the Information Security team, and supporting a high‑performing environment.
• Serves as an incident response lead and may act as incident commander during cybersecurity events based on availability and incident scope.
• Participates in on‑call rotations and responds to after‑hours security incidents affecting Town systems.
• Coordinates cybersecurity response and recovery efforts for Police, Fire, and other mission‑critical and life‑safety systems.
• Ensures compliance with CJIS security requirements, supports audits, and implements required safeguards and corrective actions.
• Support and drives the operational management of security technologies, including SIEM, EDR, vulnerability management, identity and access management, email security, cloud security platforms, and related tools.
• Conducts security investigations, forensic analysis, and containment actions in coordination with IT, public safety, legal, and executive leadership.
• Reviews and implements security controls and technical safeguards under the strategic direction of the CISO.
• Provides architectural input on infrastructure, application, and cloud initiatives to ensure security is integrated into Town technology solutions.
• Develops and refines operational security procedures, playbooks, and documentation.
• Designs, implements, manages, and reviews network security controls, including firewalls, access control lists (ACLs), and network segmentation, to protect enterprise and public safety systems.
• Administers identity and access management controls, including multi‑factor authentication (MFA), single sign‑on (SSO), and privileged access mechanisms, across on‑premises and cloud environments.
• Reviews and approves firewall rules, access policies, and identity configurations to ensure alignment with security standards, CJIS requirements, and operational needs.
• Conducts…