IT Infrastructure Security Operations Engineer

Responsibilities:

• Own and execute the Continuous Diagnostics and Mitigation (CDM) program for enterprise infrastructure, including both Windows and Linux environments.
• Manage and enforce patch management cadence across all infrastructure systems, tracking compliance and driving remediation of gaps.
• Establish and maintain configuration baselines for servers, endpoints, and network-adjacent systems; monitor for drift and enforce corrections.
• Coordinate vulnerability remediation by triaging scan results, prioritizing findings, and working with Systems and Network teams to implement fixes within defined SLAs.
• Conduct and manage access reviews, ensuring appropriate permissions, removing stale accounts, and documenting findings.
• Continuously monitor infrastructure security posture using available tools (SIEM, endpoint protection, vulnerability scanners) and escalate anomalies as appropriate.
• Prepare and maintain operational evidence to support internal and external audits, ensuring Infrastructure Operations can demonstrate compliance with frameworks such as CMMC, SOC2, and ISO 27001.
• Create, update, and maintain detailed documentation for security operations processes, controls, and remediation activities.
• Collaborate with the Cybersecurity team to align operational execution with governance requirements, audit findings, and evolving security standards.
• Collaborate with Systems Administrators and Systems Engineers to ensure security practices are integrated into daily infrastructure operations rather than treated as separate workstreams.
• Identify opportunities to automate and improve security operations workflows, reducing manual effort and increasing consistency.
• Provide Tier 2/3 escalation support for security-related infrastructure issues and end user support requests that exceed Help Desk capabilities.
• Stay current with evolving threats, vulnerabilities, and industry best practices to continuously improve the organization's security posture.

Required Skills & Experience:

• 6+ years of experience in infrastructure security operations, systems administration with a security focus, or a related technical discipline.
• Strong hands-on experience across both Windows and Linux server environments.
• Demonstrated experience with patch management processes and tools across heterogeneous environments.
• Experience with vulnerability scanning, triage, and remediation coordination.
• Familiarity with SIEM platforms, endpoint protection tools, and infrastructure monitoring solutions.
• Understanding of configuration management and baseline enforcement concepts.
• Experience conducting or supporting access reviews and identity hygiene processes.
• Working knowledge of compliance frameworks such as CMMC, SOC2, or ISO 27001 and experience preparing operational evidence for audits.
• Strong documentation skills and a disciplined approach to process consistency.
• Excellent communication and collaboration skills, with the ability to work across infrastructure, security, and leadership teams.

Preferred Skills & Experience:

• Experience building or maturing a CDM program or equivalent continuous security operations function.
• Familiarity with scripting and automation (PowerShell, Bash, Python) to streamline security operations tasks. 
• Experience with configuration management tools such as Ansible, Puppet, or similar.
• Experience with Active Directory, Group Policy, and M365/Entra from a security and compliance perspective.
• Familiarity with network security concepts (firewalls, segmentation, VPN) sufficient to collaborate with Network Engineering.
• Relevant certifications such as CompTIA Security+, CISSP, CISM, GIAC, orsimilar.