IT Security Engineer - Hybrid - Remote

What You’ll Be Doing

Bring your passion for information technology and security engineering to a role where it truly makes an impact. As the IT Security Engineer, you will be responsible for designing, implementing, and maintaining security controls and platforms that protect the organization’s information systems, networks, and data. This role will work closely with IT and business teams to identify security risks, respond to incidents, and ensure compliance with internal policies and regulatory requirements.

• Design, implement, administer and maintain enterprise information security platforms and solutions
• Monitoring potential security incidents and events
• Vulnerability and threat assessment and remediation
• Threat intelligence operationalization
• Security platform assessment and selection
• Security awareness and training
• Security consulting for internal teams and departments regarding appropriate applications, configurations, policies, and controls

• Develop, document and test organizational incident response plans, disaster recovery plans and business continuity plans
• Manage complex security incidents, including coordination with internal and external resources
• Maintain defensible evidence

• Manage and conduct internal and external audits and assessments
• Manage vendor and third‑party risk, including ongoing assessments and remediation plans
• Develop, implement and manage security and risk policies, procedures, standards and guidelines
• Design, implement and assess security controls to meet industry best practices and legal and regulatory requirements

• Perform security incident and threat management, including monitoring security events, identifying abnormal/malicious behavior, investigating, triaging and remediating security incidents
• Plan, coordinate, implement and support information security measures and platforms to protect data, software and hardware
• Perform information security risk assessments, including service‑specific risk assessments of networks, systems, data security, network infrastructure and reporting on security status and incidents
• Develop and maintain complete security documentation related to security design, implementation, processes and practices
• Provide consultation to business units and technology teams on security best practices and ongoing requirements

NOTE:

This position is subject to a 24‑hour on‑call rotation and must be able to be onsite within 1 hour.

Wake County Information Technology is a leading technology organization in the Research Triangle area. Our team values collaboration, innovation and a healthy work/life balance. We recognize our employees with competitive salaries and top‑notch benefits.

• Bachelor’s degree in Computer Science, Information Systems, Computer Engineering or related field
• Three years of experience in security design and administration
• Equivalent education and experience are accepted
• Please include ALL prior work experience on your application and resume

• Active Certified Information Systems Security Professional (CISSP), Security+, or equivalent security certifications
• Experience implementing security controls governed by legal and regulatory requirements such as HIPAA and PCI
• Experience administering, maintaining and troubleshooting enterprise security platforms (firewalls, intrusion detection/prevention, web filtering, vulnerability management, endpoint protection, email protection and encryption)
• Experience defining security standards and incident response plans to detect, respond and recover from security incidents
• Experience performing vulnerability assessments and penetration testing and defining effective remediation plans
• Experience developing, implementing and testing business continuity and disaster recovery plans

• Advanced knowledge of information security architecture, technologies, best practices and controls
• In depth knowledge of common information security frameworks and standards and compliance regulations such as ISO 27001/27002, NIST, PCI‑DSS,…