Jobs · Information Technology · Illinois

Senior Information Engineer

Fulcrum GT · Schaumburg, IL · 2 mo ago
Information TechnologyFull-time

Position Summary

The Fulcrum GT Senior Information Engineer will lead the design, implementation, and management of controls that support enterprise-level security frameworks and compliance.

Key Responsibilities

  • Design, implement, and maintain security controls that support compliance with SOC 2 Type II, ISO/IEC 27001, ISO/IEC 42001, CSA STAR Level 2, and CyberEssentials+ standards.
  • Oversee the enterprise Identity and Access Management (IAM) program, including role-based access controls, privileged access management, and access governance processes.
  • Manage secure authentication systems including multi-factor authentication (MFA) and single sign-on (SSO).
  • Implement and maintain malware protection solutions across endpoints, servers, and cloud workloads, including next-generation antivirus and endpoint detection and response (EDR) platforms.
  • Design and enforce data loss prevention (DLP) strategies and technologies to protect sensitive information across email, endpoints, network, and cloud environments.
  • Establish and maintain IT asset configuration management processes, including configuration baselines, change control, and automated compliance monitoring.
  • Lead the technical vulnerability management program, including vulnerability scanning, assessment, prioritization, remediation tracking, and exception management.
  • Collaborate with VP, Director of Infrastructure, and CISO to architect and implement cloud security controls across GCP and Azure.
  • Oversee physical security monitoring systems, including access control systems and integration with logical security controls.
  • Collaborate with VP and CISO on security assessments, gap analyses, and remediation efforts.
  • Collaborate with external auditors during security assessments, audits, and certification processes.
  • Provide technical leadership and mentorship to the security team, fostering a culture of continuous improvement and security awareness.

Core Technical Expertise

  • Identity and Access Management (IAM): Extensive experience with enterprise IAM platforms. Implementation of RBAC, ABAC, and least-privilege access models. Privileged access management (PAM) and secrets management solutions. Identity lifecycle management and automated provisioning/de-provisioning.
  • Secure Authentication: Multi-factor authentication (MFA) implementation and enforcement. Single sign-on (SSO) integration and federation protocols (SAML, OAuth 2.0, OIDC). Certificate-based authentication and PKI management.
  • Malware Protection: Enterprise antivirus and anti-malware deployment and management. Endpoint detection and response (EDR) and extended detection and response (XDR) platforms. Threat intelligence integration and automated response capabilities. Malware analysis and incident response procedures.
  • Data Loss Prevention: Enterprise DLP solution implementation. Data classification and labeling strategies. Content inspection and policy enforcement across network, endpoint, and cloud. Encryption and tokenization technologies for data protection.
  • IT Asset Configuration Management: Configuration management tools. Security baseline development and enforcement. Automated compliance scanning and drift detection. Infrastructure as Code (IaC) security and configuration validation.
  • Vulnerability Management: Technical vulnerability management program. Vulnerability assessment tools. Vulnerability prioritization. Patch management processes and automation. Penetration testing coordination and vulnerability validation.

Required Qualifications

  • Bachelor's degree in Computer Science, Information Security, or related technical field (or equivalent experience).
  • Minimum 7-10 years of experience in IT or information security, with at least 3 years in a leadership role.
  • Hands-on technical experience implementing and managing security controls in enterprise environments.
  • Deep understanding of security frameworks including NIST CSF, CIS Controls, and MITRE ATT&CK.
  • Knowledge of emerging technologies including AI/ML security, zero-trust architecture, and DevSecOps.
  • Scripting and automation skills (e.g., Python, PowerShell, Bash, Terraform).

Similar jobs

Senior Software Engineer

The Amatriot GroupSterling, VA· 2 wk ago
Information Technology$185k–$225k/yrapply on amatriot.clearcompany.com

Senior Software Engineer

SymboticAustin, TX· 2 wk ago
Engineering$149k–$205k/yrapply on symbotic.wd504.myworkdayjobs.com

Senior Software Engineer

Ritchie Bros.Fredericksburg, VA· 1 wk ago
RemoteEngineeringapply on fa-exew-saasfaprod1.fa.ocs.oraclecloud.com

Senior Software Engineer

CognizantWoonsocket, RI· 1 wk ago
Information Technology$90k–$140k/yrapply on careers.cognizant.com