Information Security Engineer

Please find details for this position below:

Job Title: Information Security Engineer – Security Configuration Baseline

Hybrid working model – 3 days onsite/2 days remote each week

Location options: Charlotte, NC / Chandler, AZ / Las Colinas, TX

Contract: 12 months

MUST HAVES

• Cloud technology exp 5 plus years
• Risk and Control 3 plus years
• Cloud security posture management 3 to 5 years
• Development (software) Python - - Writing scripts 2 to 4 years

• Preferred - Regulated industry
• Industry standards and authoritative sources (ie NIST, CSA, CIS benchmark )
• Azure and Google cloud
• Security Baseline

Job Summary:

The Security Configuration Baseline Engineer is responsible for designing, engineering, and operationalizing security configuration baselines across enterprise technology platforms. This role sits at the intersection of GRC, cloud security architecture, and automation, translating policy requirements and industry standards into codified, enforceable, and auditable security baselines.

The role focuses on baseline engineering—not advisory architecture—with accountability for converting standards, policies, and risk requirements into baseline as code, enabling preventative controls, drift detection, exception workflows, and enterprise scale governance via the Cloud Security Benchmark (CSB) system of record.

Required Qualifications

• 5 years of experience in cloud security, platform security, or security engineering
• Hands on experience with security configuration baselines or hardening standards
• Strong working knowledge of:
• Public cloud platforms (Azure and/or GCP preferred)
• Policy as code or guardrail frameworks
• Infrastructure as Code (e.g., Terraform)
• Experience mapping security controls to industry standards (CIS, NIST, ISO)
• Ability to produce clear, structured, audit ready documentation
• Experience operating in large, regulated enterprise environments

Preferred Qualifications

• Experience with a baseline as code program
• Familiarity with cloud organization level controls (management groups, folders, org policies)
• Experience with CI/CD integration of security controls
• Exposure to risk management, audit response, or regulatory examinations
• Background in automating governance processes (exception workflows, control validation, reporting)

Key Skills & Attributes

• Engineering mindset with strong governance discipline
• Comfortable translating ambiguity into explicit, machine enforceable requirements
• Detail oriented with a strong emphasis on traceability and defensibility
• Strong written communication skills for executive, audit, and technical audiences
• Able to work independently while collaborating across multiple enterprise teams

EEO:

“Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”