Security Engineer II

# Security Engineer II

**Position Type:** Full Time

**Location:** Remote, US

**Company Overview**

SCS Global Services is a pioneer and leader in the field of sustainability standards and third-party certification, working across the economy in the natural resources, built environment, food and agriculture, consumer products, and climate sectors for over 40 years. As a Benefit Corporation, we are committed to socially and environmentally responsible business practices, and through the application of sound science, we are driving positive change.

**Job Overview**

The Security Engineer II is responsible for the design, implementation, and lifecycle ownership of assigned security controls across identity, infrastructure, network, workload, and data layers. This role operates with a high degree of autonomy in a small team environment, independently identifying gaps, proposing remediation plans with estimated effort and complexity, and executing approved work. The ideal candidate brings deep infrastructure engineering knowledge to ensure security solutions are practical, operationally sound, and aligned with business impact. This role represents a fully independent individual contributor position and is differentiated from Security Engineer I by its expectation for independent scoping, design level ownership of security control implementations, with minimal day to day oversight.

**Essential Duties and Responsibilities**

- Design and implement security control architectures and reference implementation patterns aligned with ISO 27001:2022 and related security frameworks (CIS, NIST CSF, MITRE ATT&CK), within established organizational standards - Engineer and maintain assigned security controls across the following domains: Identity: Entra ID/Conditional Access/MFA/PAM, Endpoint: Intune/EDR/XDR (CrowdStrike), Workloads: Azure/AWS security/container security/CI/CD controls, Data: DLP/encryption/key management - Develop, maintain, and operationalize security standards, baselines, and reference architectures in partnership with IT and application stakeholders - Perform threat modeling (STRIDE) and risk assessments for new systems and material changes, translating findings into actionable security controls and remediation recommendations - Lead security discovery and integration activities for new and existing environments, including current state assessment, gap analysis, and development of prioritized remediation plans - Proactively identify security improvement opportunities, propose viable solutions, and execute approved work items to completion - Integrate and optimize security tooling, including log source onboarding, alert tuning, and workflow automation - Partner with Development and Application teams to embed security by design - Support audit and compliance activities related to ISO 27001:2022, including evidence collection and control implementation validation

**Minimum Qualifications**

- Bachelor's Degree in computer science, information systems, or a related field, or equivalent work experience AND - 6+ years of IT Experience AND - 3+ years in an IT Security or Security Engineering role - Strong practical knowledge of systems and infrastructure engineering (Windows/Linux fundamentals, networking, cloud architecture, identity, and common enterprise services) to make sound security recommendations and assess operational impact - Proven ability to scope security improvements into actionable work items, estimate level of effort, and partner with infrastructure/application owners to drive implementation - Cloud security experience (Azure preferred) - Experience with scripting and infrastructure as code for security automation and control deployment (PowerShell, Terraform, ARM/Bicep) to implement at scale - Experience with a MDR/vSOC provider and integrating EDR telemetry and incident workflows (CrowdStrike preferred) - Strong understanding of Identity and Access Management (IAM) concepts and implementations - Working knowledge of industry security frameworks and standards, including ISO 27001:2022 (preferred), NIST CSF, CIS Controls, and MITRE ATT&CK, and their application to security control design - Demonstrated ownership mindset: able to work from broad direction, handle ambiguity, prioritize, and drive work to completion - Practical experience implementing security controls within Azure/M365 environments - Experience with SIEM platforms, including log onboarding, detection tuning, and workflow integration (Microsoft Sentinel preferred) - Strong analytical skills with the ability to translate security and infrastructure risk into practical technical controls

**Preferred Qualifications**

- Microsoft Azure Security Engineer - Microsoft Azure Administrator - Microsoft Azure Architect - Certified Cloud Security Professional (CCSP)

**Estimated Annual Salary**

$100,000 - $130,000

**Remote Work**

This role will be based out of your home office, allowing flexibility to work remotely.

**Equal Employm

Apply directly on RemoteJobs.org: https://remotejobs.org/remote-jobs/security-engineer-ii-scs-global-services