Information Security Engineer (Remote)

The Information Security Engineer is responsible for designing, implementing, and maintaining robust security solutions to safeguard the organization's information assets, systems, and networks. This role ensures the confidentiality, integrity, and availability of data by proactively identifying, assessing, and mitigating security risks across enterprise environments. The Information Security Engineer collaborates with IT, DevOps, and business teams to integrate security best practices into system architecture, application development, and operational processes.

Key responsibilities include conducting vulnerability assessments, penetration testing, and incident response activities; developing and enforcing security policies, standards, and procedures; and ensuring compliance with industry frameworks such as NIST, ISO 27001, HIPAA, and other regulatory requirements. The engineer is expected to stay current with emerging threats, technologies, and trends, and to contribute to continuous improvement of the organization's security posture.

This position requires strong technical expertise in security technologies (e.g., SIEM, firewalls, endpoint protection, cloud security), experience with risk management and remediation strategies, and the ability to communicate complex security concepts to both technical and non-technical stakeholders. The Information Security Engineer plays a critical role in supporting audit and compliance initiatives, maintaining incident response readiness, and fostering a culture of security awareness throughout the organization.

At Businessolver you have opportunities for individual development through our common language: Respond Readily. Trust through transparency. Assume positive intent. Be real. Live a growth attitude. Embrace the reverse golden rule.

Essential Duties:

• Design, implement, and manage security technologies (e.g., firewalls, intrusion detection/prevention systems, endpoint protection).
• Monitor security systems and respond to security incidents, including investigation and remediation.
• Conduct vulnerability assessments and penetration testing; recommend and implement mitigation strategies.
• Develop and maintain security policies, standards, and procedures in alignment with regulatory requirements.
• Collaborate with IT and business teams to ensure secure architecture and application development.
• Provide security awareness training and guidance to employees.
• Research and evaluate emerging security threats and technologies.
• Performs other duties as assigned.
• Comply with all policies and standards.

What you need to make the cut:

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent professional experience)
• 3-5+ years of hands-on experience in information security engineering, cybersecurity operations, or related discipline
• Professional certifications strongly preferred: CISSP, CISM, CEH, GIAC, CompTIA Security+, or equivalent
• In-depth knowledge of security frameworks and standards (NIST, ISO 27001, PCI DSS, HIPAA, SOC 2, etc.)
• Experience with security technologies: SIEM, firewalls, IDS/IPS, endpoint protection, DLP, vulnerability management, and cloud security platforms (AWS, Azure, GCP)
• Proficiency in scripting or programming languages (Python, PowerShell, Bash, etc.) for automation and security tool integration
• Strong understanding of network protocols, operating systems (Windows, Linux, macOS), and secure architecture principles
• Demonstrated experience in incident response, forensics, and threat intelligence
• Familiarity with regulatory compliance requirements and audit processes
• Excellent analytical, problem-solving, and communication skills; ability to convey complex security concepts to technical and non-technical audiences
• Commitment to continuous learning and staying current with emerging threats, technologies, and industry trends

The pay range for this position is $79K to $123K per year (pay to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data).

This role is eligible to participate in the bonus incentive plan.