What are the responsibilities and job description for the Information Security Engineer position at Vertex Computer Systems?
Job Details
Job Description:
Client Infrastructure & Security team is seeking an Information Security Engineer focused on strengthening security compliance, closing audit gaps, and hardening our infrastructure and cloud environment.
This role bridges infrastructure operations and cybersecurity, working directly with Infrastructure and Cloud Operations teams to ensure compliance with NIST and other enterprise security frameworks while maintaining operational stability.
You will be responsible for driving proactive improvement of our security posture—from patch governance and vulnerability management to Defender for Cloud optimization and alignment with audit and compliance requirements.
Key Responsibilities
Security & Compliance
· Serve as divisional lead for NIST 800-171 control alignment, tracking, and remediation.
· Partner with Internal Audit and Enterprise Security to review non-compliance findings and drive resolution.
· Maintain and improve Defender for Cloud posture management across Azure infrastructure.
· Identify, prioritize, and remediate vulnerabilities across infrastructure, networks, and systems.
· Develop and implement Linux patch management strategy and compliance reporting.
· Contribute to policy documentation and control evidence collection for SOX and NIST readiness.
Infrastructure & Cloud Security Operations
· Work closely with Infrastructure, Cloud Ops, and Application teams to assess risk and prevent operational disruption.
· Integrate security best practices into Azure, network, and datacenter operations.
· Utilize Defender, Azure Security Center, and related tools to monitor and report on environment health.
· Coordinate with Cloud and Systems Engineers to validate patch success, compliance metrics, and configuration baselines.
· Automate recurring security validation and compliance tasks using scripting (PowerShell, Python, Bash).
Required Qualifications
· 4–7 years of experience in Information Security, Infrastructure Engineering, or Cloud Operations.
· Proven experience with Defender for Cloud, Azure Security Center, or equivalent platforms (e.g., Tanium, Nessus, Qualys).
· Working knowledge of NIST 800-171, NIST CSF, or ISO 27001 frameworks.
· Experience managing patching and vulnerability remediation across Windows and Linux environments.
· Proficiency with scripting or automation tools (PowerShell, Python, Bash).
· Familiarity with Active Directory, Azure AD, and network security principles.
Preferred Qualifications
· Experience with Fortify or similar static code analysis tools.
· Familiarity with KnowBe4, VRX, or patch compliance tracking systems.
· Exposure to Azure DevOps, IaC, and configuration-as-code methodologies.
· Security or cloud certifications (e.g., AZ-500, Security , CISSP, or equivalent).