POSITION SUMMARY Job Function: The IT Security Engineer is responsible for assisting in designing, planning, implementing, and supporting security solutions across enterprise systems, including networks, servers, communications, workstations, and cloud environments. This role plays a critical part in maintaining the company's overall security posture and defending against security threats. The IT Security Engineer works closely with IT Operations, IT Development, Information Security, Risk Management, Compliance and Internal Audit teams to ensure secure architecture, continuous monitoring, vulnerability management, and audit readiness. This is a highly technical, hands-on position responsible for delivering secure solutions and escalating key matters directly to management as needed. This role reports to the Director, IT Systems Engineering PRIMARY RESPONSIBILITIES Security Engineering • Assist in designing, implementing, and maintaining secure network, system, application and cloud environments. • Assist in the development and enforcement of security policies, standards, and procedures aligned with NIST CSF and CIS Benchmarks. • Implement and manage access controls to protect sensitive data and systems. • Stay informed on emerging threats and recommend mitigations and new technologies. • Support IT Operations and Development in deploying and configuring security solutions and training them in information security practices to ensure secure system design and operational resilience. • Use scripting languages (PowerShell, Python, Bash) to automate routine security tasks, improve detection capabilities, and support remediation efforts. • Assist in threat hunting initiatives by leveraging logs, telemetry, and threat intelligence across security, operations, and application development environments. • Engage in audit related findings to determine, validate, and implement remediations. Monitoring & Incident Response • Monitor network and system infrastructure for security threats and anomalies. • Establish processes to detect, isolate, and remediate potential threats using SIEM and other security tools. • Investigate security incidents, conduct root cause analysis, and support forensic activities. • Collaborate with the vSOC and internal teams to triage and resolve alerts in a timely manner. Vulnerability & Risk Management • Assist with vulnerability scanning, validation of vulnerabilities, and reporting. • Support penetration testing activities and assist in the remediation of findings. • Track and report key metrics related to vulnerabilities, baseline hardening, and risk posture. • Administer patch management solutions for all network related devices and endpoints. Collaboration & Support • Collaborate with IT teams to ensure secure deployment, configuration, and operation of applications and security tools across the environment. • Support IT Operations and Development in securely deploying and configuring applications and systems within the VolCorp environment. • Train IT Operations and Development on information security practices to ensure secure system design and operational resilience. • Assist colleagues in implementing security solutions and following leading practices. • Resolve assigned IT security tickets quickly and effectively. • Contribute to the ongoing improvement, enhancement, and maturity of VolCorp applications and solutions with a security mindset. • Performs other job-related duties and responsibilities as assigned. QUALIFICATIONS • Strong time management and organizational skills with the ability to handle multiple priorities. • Action oriented, willing to work in ambiguity and step outside the box to accomplish goals. • Excellent written and verbal communication skills. • Customer focused; work with your internal customers in mind and dedicated to meeting their expectations. • Outstanding people skills with the ability to work with all levels of employees. • Strong problem-solving skills. PREFERRED EDUCATION AND EXPERIENCE • Bachelor's degree in computer technology or related areas or equivalent years of directly related experience. • 4 or more years of hands-on experience in information security, with exposure to security tools, practices, and frameworks. SKILLS, KNOWLEDGE, ABILITIES • Experience with compliance, NIST CSF framework, CIS benchmark and ITIL standards. • Experience with the following solutions (or equivalent solutions): Firewalls, EDR/XDR, Identity based solutions, MFA, vulnerability scanners, email security, Microsoft, ticketing systems, MDM solutions, etc. • Experience with server virtualization, Windows Server, BitLocker, MS365, Azure, DLP, Windows 10/11, etc. • Understanding firewall technologies, secure network protocols, and mechanisms for controlling data ingress and egress.

Must be able to pass a credit, criminal, and employment background check.