Senior Information Engineer

Position Summary

The Fulcrum GT Senior Information Engineer will lead the design, implementation, and management of controls that support enterprise-level security frameworks and compliance. This role will be responsible for ensuring that Fulcrum GT maintains a robust security posture across multiple standards including SOC 2, ISO/IEC 27001, ISO/IEC 42001, CSA STAR Level 2, and CyberEssentials+. The Fulcrum GT Senior Information Engineer Manager will possess deep technical expertise in implementing and managing security controls across enterprise infrastructure, identity systems, and cloud environments.

Key Responsibilities

• Design, implement, and maintain security controls that support compliance with SOC 2 Type II, ISO/IEC 27001, ISO/IEC 42001, CSA STAR Level 2, and CyberEssentials+ standards.
• Oversee the enterprise Identity and Access Management (IAM) program, including role-based access controls, privileged access management, and access governance processes.
• Manage secure authentication systems including multi-factor authentication (MFA) and single sign-on (SSO).
• Implement and maintain malware protection solutions across endpoints, servers, and cloud workloads, including next-generation antivirus and endpoint detection and response (EDR) platforms.
• Design and enforce data loss prevention (DLP) strategies and technologies to protect sensitive information across email, endpoints, network, and cloud environments.
• Establish and maintain IT asset configuration management processes, including configuration baselines, change control, and automated compliance monitoring.
• Lead the technical vulnerability management program, including vulnerability scanning, assessment, prioritization, remediation tracking, and exception management.
• Collaborate with VP, Director of Infrastructure, and CISO to architect and implement cloud security controls across GCP and Azure.
• Oversee physical security monitoring systems, including access control systems and integration with logical security controls.
• Collaborate with VP and CISO on security assessments, gap analyses, and remediation efforts.
• Collaborate with external auditors during security assessments, audits, and certification processes.
• Provide technical leadership and mentorship to the security team, fostering a culture of continuous improvement and security awareness.

Core Technical Expertise

Identity and Access Management (IAM)

• Extensive experience with enterprise IAM platforms.
• Implementation of RBAC, ABAC, and least-privilege access models.
• Privileged access management (PAM) and secrets management solutions.
• Identity lifecycle management and automated provisioning/de-provisioning.

Secure Authentication

• Multi-factor authentication (MFA) implementation and enforcement.
• Single sign-on (SSO) integration and federation protocols (SAML, OAuth 2.0, OIDC).
• Certificate-based authentication and PKI management.

Malware Protection

• Enterprise antivirus and anti-malware deployment and management.
• Endpoint detection and response (EDR) and extended detection and response (XDR) platforms.
• Threat intelligence integration and automated response capabilities.
• Malware analysis and incident response procedures.

Data Loss Prevention

• Enterprise DLP solution implementation.
• Data classification and labeling strategies.
• Content inspection and policy enforcement across network, endpoint, and cloud.
• Encryption and tokenization technologies for data protection.

IT Asset Configuration Management

• Configuration management tools.
• Security baseline development and enforcement.
• Automated compliance scanning and drift detection.
• Infrastructure as Code (IaC) security and configuration validation.

Technical Vulnerability Management

• Vulnerability assessment tools.
• Vulnerability prioritization.
• Patch management processes and automation.
• Penetration testing coordination and vulnerability validation.

Physical Security Monitoring

• Physical access control systems (PACS) and badge management.
• Integration of physical and logical security controls.

Compliance and Standards Expertise

• SOC 2 Type II: Understanding of Trust Service Criteria and evidence requirements for security, availability, processing integrity, confidentiality, and privacy.
• ISO/IEC 27001: Experience in supporting an Information Security Management System (ISMS) and Annex A controls.
• ISO/IEC 42001: Knowledge of AI Management System requirements and controls for artificial intelligence governance.
• CSA STAR Level 2: Familiarity with Cloud Controls Matrix (CCM) and Cloud Security Alliance attestation requirements.
• CyberEssentials+: Understanding of UK government cyber security certification requirements including boundary firewalls, secure configuration, access control, malware protection, and patch management.

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or related technical field (or equivalent experience).
• Minimum 7-10 years of experience in IT or information security, with at least 3 years in a leadership role.
• Hands-on technical experience implementing and managing security controls in enterprise environments.
• Deep understanding of security frameworks including NIST CSF, CIS Controls, and MITRE ATT&CK.
• Knowledge of emerging technologies including AI/ML security, zero-trust architecture, and DevSecOps.
• Scripting and automation skills (e.g., Python, PowerShell, Bash, Terraform).

Key Competencies

• Ability to align security initiatives with business objectives.
• Strong analytical and problem-solving abilities.
• Continuous learning mindset to stay current with evolving threats and technologies.
• Collaborative approach with ability to work across technical and business teams.

Benefits

• Competitive Health, Dental and Vision Insurance  
• Pet Insurance
• 401k
• Flexible schedule
• Paid Holidays plus Paid Time Off

Job Type

• Full-time

Language

• English (Required)