Security Engineer Remote Jobs in Wyoming (US)

This page tracks remote security engineer openings that are location-eligible for Wyoming.

Open jobs

3,506

Hiring companies this week

Salary sample

$90,000 - $208,000

Jobs added last hour

Strict location onlyShow closed jobs

Post Date

Minimum Salary

Experience

3506 Jobs

1815 Companies

Federal Security Officer

AppGate Cybersecurity, Inc.

AppGate is a leading cybersecurity company and pioneer in the Zero Trust Network Access (ZTNA) market focused on providing cutting-edge solutions that protect organizations from evolving threats. Our mission is to support the warfighter, the national security community, and critical infrastructure by providing trusted access that ensures mission success.

Security Engineer23 hours ago

Full Time Remote Mid Level

Role Description The Federal Security Officer (FSO) is AppGate's primary point of accountability for industrial security across our programs. You will manage personnel security, facility clearance (FCL) compliance, classified information handling, and security education — ensuring AppGate meets all contractual and regulatory obligations while supporting a fast-moving software engineering and delivery organization. Key Responsibilities - Personnel Security - Own the full lifecycle of personnel security clearances — initiations, sponsorships, reinvestigations, and terminations — using DISS/NBIS. - Serve as the primary liaison with DCSA (Defense Counterintelligence and Security Agency) and other cognizant security authorities. - Conduct security briefings, debriefings, foreign travel briefings, and annual security awareness training for cleared staff. - Maintain accurate records of cleared employees, visitor certifications, and foreign national contacts. - Facility Clearance & Physical Security - Manage and maintain AppGate's Facility Clearance (FCL) in accordance with DCSA guidance and NISPOM (32 CFR Part 117). - Oversee physical security controls including access management, classified storage, open storage areas, and classified destruction procedures. - Conduct and document periodic self-inspections; develop and track corrective action plans. - Manage classified visit certifications and coordinate cleared personnel access to government and contractor facilities. - Information Security & Program Support - Ensure proper handling, transmission, storage, and disposition of classified information and Controlled Unclassified Information (CUI). - Support program managers in reviewing DD Form 254s (Contract Security Classification Specifications) for new and existing contracts. - Partner with AppGate's IT and DevSecOps teams to ensure classified and sensitive program environments meet applicable security requirements. - Interface with government Program Security Officers (PSOs) on program-specific security requirements and deliverables. - Compliance, Policy & Incident Management - Maintain compliance with NISPOM, ITAR, EAR, and relevant federal security directives across all cleared programs. - Develop and enforce security policies, procedures, and SOPs tailored to a software product company environment. - Investigate and report security incidents and violations to DCSA and appropriate authorities; drive root cause analysis and remediation. - Support CMMC assessments, government inspections, and contract-driven security audits. - Stay current on evolving federal security regulations and proactively update AppGate's security program accordingly. Qualifications - Active Secret clearance; TS or TS/SCI strongly preferred. - 5+ years of industrial security / FSO experience with a cleared defense contractor or government entity. - Deep working knowledge of NISPOM (32 CFR Part 117) and DCSA processes. - Hands-on experience with DISS, NBIS, or equivalent personnel security systems. - Experience managing an FCL and conducting DCSA self-inspections. - FSO Certification through DCSA's Center for Development of Security Excellence (CDSE) or equivalent. - Excellent communication skills — able to translate complex security requirements for non-security audiences including software engineers and executives. - Bachelor's degree in security management, information assurance, cybersecurity, or a related field — or equivalent professional experience. Preferred Qualifications - Prior FSO or security management experience at a software, SaaS, or cybersecurity company. - Familiarity with CMMC (Cybersecurity Maturity Model Certification) Level 2/3 requirements and C3PAO assessment processes. - Understanding of cloud security environments (AWS GovCloud, Azure Government) in the context of classified or CUI-handling programs. - Experience with ITAR/EAR export control compliance, including technology control plans (TCPs). - OPSEC Coordinator certification or Special Access Program (SAP) security experience. - Professional certifications: CPP (Certified Protection Professional), PSP, or SAPPC. - Familiarity with Zero Trust concepts and how they intersect with federal security program requirements — a plus given AppGate's mission. Compensation - Base salary range: 90-115k Company Description AppGate secures and protects the most valuable assets for the Department of War (DoW) and various Federal Agencies with its high performance Zero Trust Network Access (ZTNA) solution. AppGate is the only direct-routed ZTNA solution purpose-built to support DoW mission requirements by enforcing least privilege access across distributed, global, and disconnected environments. AppGate is fully operational across many DOD branches, including the Marine Corps, Navy, Air Force and Space Force.

AWS Azure SAP C++

View details: Federal Security Officer

United States

$90K - $115K / year

Apply

Director of Information Security

Civix

Civix is a leading provider of services & software for government, transportation, and grants.

Security Engineer1 day ago

Full Time Remote LeadTeam 201-500H1B Sponsor

Company Site LinkedIn

• Responsible for leading Civix's enterprise information security program across corporate systems, cloud infrastructure, SaaS products, and customer-facing security initiatives. • Partner closely with Engineering, Product Management, Cloud Operations, Compliance, Customer Success, and Executive Leadership to ensure security is embedded throughout the software development lifecycle. • Own the strategic direction, governance, and operational execution of the company's security program, including compliance initiatives, security operations, product security, security awareness, and incident response. • Lead a team of security professionals while serving as the primary security advisor for customers, auditors, vendors, and executive leadership. • Develop and execute the company's enterprise information security strategy. Establish security policies, standards, procedures, and governance practices. • Build and mentor a high-performing Information Security team.

AWS Cloud

View details: Director of Information Security

United States

Apply

Field Safety/Security Manager

ContinuityGS

Offering Global Risk Mitigation Solutions to Complex Problems

Security Engineer1 day ago

Full Time Remote SeniorTeam 1,001-5,000Since 2002H1B No Sponsor

Company Site LinkedIn

• Provide leadership and oversight for field operations • Ensure personnel safety, operational effectiveness, and compliance with contractual requirements • Foster a positive, professional, and mission-focused work environment • Oversee daily field operations to ensure work is completed accurately, efficiently, and in accordance with contractual requirements • Monitor field workflow to ensure timely and accurate documentation and reporting • Resolve operational issues that arise during daily field activities • Conduct field audits and quality assurance reviews to verify compliance, completeness, and accuracy • Maintain program reference materials, operational documentation, policies, procedures, and project files • Provide guidance to field staff regarding operational procedures, safety protocols, and contractual requirements • Oversee field activities involving address verification, interviews with family members and sponsors, case management support, and wellness checks • Ensure timely identification, documentation, and reporting of sensitive situations, including suspected trafficking, abandonment, neglect, or other safety concerns • Coordinate with leadership to support operational readiness, risk mitigation, and continuous improvement • Perform other duties as assigned • Requires regular field oversight. Travel may be required to support operational needs.

View details: Field Safety/Security Manager

United States

Apply

Security Engineer - Identity

Hallmark Cards

Security Engineer1 day ago

Full Time Remote Mid LevelTeam 10,001

Role Description The Security Engineer - Identity role exists to protect Hallmark’s digital assets and ensure the confidentiality, integrity, and availability of its information systems. This position is crucial in defending against cyber threats, mitigating vulnerabilities, ensuring secure access/authentication, and maintaining compliance with security regulations and industry standards. - Implement robust security measures and respond to security incidents. - Safeguard the company's reputation and operational continuity. - Support Hallmark’s mission by enabling a secure environment for business operations and innovation. Qualifications - Bachelor’s degree or 4 years’ professional work experience. - Experience in security tools and technologies, such as: - Firewalls - Zero trust solutions - Antivirus software - Vulnerability scanning tools - Access management tools - Authentication and authorization tools - Privileged access management tools - Security for various SAP systems - At least 4 years of experience in information security with: - Security operations - Incident response - Threat analysis - Familiarity with security frameworks and standards, such as NIST, ISO 27001, and CIS Controls - Experience handling moderately complex issues and problems. Requirements - Degree in Cybersecurity, Information Security, Computer Science, or a related field. - Certifications such as: - Certified Information Systems Security Professional (CISSP) - Certified Information Security Manager (CISM) - Certified Cloud Security Professional (CCSP) - Offensive Security Certified Professional (OSCP) - Certified Identity and Access Manager (CIAM) - Solid working knowledge of subject matter. - Experience with cloud security platforms (AWS, Azure, Google Cloud) and knowledge of securing cloud environments. - Proficiency in scripting and programming languages such as Python, PowerShell, or Bash for automation and security tool development. - Experience with security information and event management (SIEM) systems, endpoint detection and response (EDR) solutions, and advanced threat protection (ATP) tools. - In-depth understanding of identity and access management processes, including least privileged access. - Deep understanding of access methods such as single sign-on and multi-factor authentication and their use in developing a zero-trust model. - Deep understanding of privileged access management and how it can be used to limit access and risk in the case of a breach. - Understanding of how security works in SAP systems including S/4HANA, HANA, ECC, SCM, CRM, etc. Benefits - Salary range: $100,000 - $110,000. - U.S.-based remote role with access to virtual tools and team support. - Annual merit-based increases aligned with individual and company performance. - Competitive benefits package, including: - Medical, dental, and vision plans - Paid time off - 401K with company match - Profit-sharing

Firewalls SAP AWS Azure GCP Python PowerShell Shell SIEM CRM

View details: Security Engineer - Identity

United States

$100K - $110K / year

Apply

Project Electrical IV – Cyber Security

CannonDesign

We design solutions that help people continuously flourish. Living-Centered Design is how we do it.

Security Engineer1 day ago

Full Time Remote LeadTeam 1,001-5,000H1B No Sponsor

Company Site LinkedIn

• Perform electrical engineering systems design for building construction • Initiate project designs and help to develop design goals and systems • Participate or lead project teamwork planning sessions • May serve as project manager or project engineering leader and lead engineering meetings • Assume project engineering responsibilities and adhere to financial and work goals • Design lighting, power distribution, signaling, communications and/or telecommunication systems for healthcare, education/higher education and commercial clients per applicable codes • Prepare construction documents including drawings and specifications • Guide less experienced team members in execution of drawings • Specify electrical equipment • Complete quality control checks of engineering documents • Participate or lead value engineering sessions with Architectural/Engineering team • Recommend improvements with reference standards and processes to improve quality, coordination, and to streamline production efforts • Review and markup of shop drawings and submittals • Respond to RFI’s and review of change orders in the preparation of construction documents • Conduct job site visits to verify existing conditions and observe construction progress • Attend and participate in construction meetings • Support the implementation and verification of cyber-informed design principles and operational technology security requirements for critical infrastructure projects • Apply and interpret NIST SP 800-82 guidance and industry best practices when evaluating operational technology systems supporting electrical and MEP infrastructure • Coordinate with clients, facility operators, technology consultants, and engineering teams to identify and mitigate risks associated with connected building systems and operational technology networks • Lead workshops and technical discussions related to facility resiliency, operational continuity, and cyber-informed design strategies • Track and document compliance status, risk assessments, and recommendations through project reports and owner updates • Familiarity with operational technology systems, cyber-informed design principles, NIST SP 800-82, or critical infrastructure security considerations preferred.

View details: Project Electrical IV – Cyber Security

United States

$96.0K - $120.0K / year

Apply

Operational Technology Security Consultant

Coalfire

Cyber solutions that move you forward, faster.

Security Engineer1 day ago

Full Time Remote SeniorTeam 1,001-5,000Since 2001H1B Sponsor

Company Site LinkedIn

• Assess the security posture and maturity of OT environments for clients across manufacturing, energy, utilities, and other critical infrastructure sectors • Conduct stakeholder interviews, review OT documentation, evaluate security practices against industry frameworks, and develop maturity assessment reports with remediation recommendations • Present findings and strategic guidance to clients while working with Project Managers, Directors, and Delivery teams to manage project scope and timelines

View details: Operational Technology Security Consultant

United States

$105K - $148K / year

Apply

Senior Security Engineer

LanceDB

Developer-friendly, open source database for multi-modal AI

Security Engineer1 day ago

Full Time Remote SeniorTeam 11-50Since 2022H1B No Sponsor

Company Site LinkedIn

• Our first security-focused engineer • Takes high-level direction (e.g., "identify top five security-related gaps for AX") and drives to results • Success looks like a LanceDB platform that follows security-related best practices, and an ongoing partnership with other engineers to continuously enhance our security posture in all areas of the product • Select, deploy and tune security tooling across all relevant repos and environments, ensuring full coverage • Identify and remediate security-related risks, including but not limited to cloud IAM, access controls, product vulnerabilities • Own vulnerability management, from running our CVE program through closely working with other engineers on specific remediations • Support periodic evidence collection and control testing for compliance commitments • Apply relevant industry trends, best practices, and specific vulnerabilities to our product

Cloud Open Source

View details: Senior Security Engineer

United States

$180K - $250K / year

Apply

Senior Security Engineer

NuHarbor Security

Cybersecurity services you want from a team of experts you can trust.

Security Engineer1 day ago

Full Time Remote SeniorTeam 51-200H1B No Sponsor

Company Site LinkedIn

Role Description The Senior Security Engineer is the senior technical authority on the NuHarbor Security Engineering team and the owner of the engineering layer that NuHarbor's managed services depend on. This role operates with a high degree of autonomy and is anchored in Splunk. - Lives by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House. - Owns the systems engineering that keeps NuHarbor's co-managed platforms running correctly; architecture, configuration, performance, and maintenance to NuHarbor and vendor best practice. - Ensures client data is properly onboarded, parsed, and normalized to the appropriate data model for each platform (e.g., Splunk CIM, Microsoft ASIM, Google UDM). - Diagnoses and resolves complex architectural problems across managed environments. - Self-assigns and drives the most complex and highest-impact work, operating independently. - Drives the engineering ticket queue with quality, efficiency, and completeness. - Designs, implements, and maintains engineering solutions for multi-tenant scalability, repeatability, and standardization. - Communicates with clients at an expert technical level, building trust and delivery excellence. - Performs the engineering and architecture work required to onboard new managed services clients. - Supports, deploys, and manages the components of NuHarbor's security automation and case management platform(s). - Builds and maintains automation workflows and integrations that connect the platform to client environments. - Regularly meets with clients to drive objectives forward and proactively addresses issues. - Develops engineering recommendations and enhancements that improve the security posture of each client's managed platforms. - Provides technical direction, leadership, and mentorship to the broader engineering team. - Provides architectural review and oversight for client operational projects. - Develops and improves onboarding and operational processes. - Helps design the engineering approach and operational processes for newly adopted technologies. - Maintains the industry and vendor certifications required to support the managed services catalog. - Participates in a 24x7 on-call rotation; other duties as assigned by Engineering Leadership. Qualifications - Bachelor’s Degree and five (5) or more years in the Information Technology field. - In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required. - Five (5) or more years engineering security platforms in a managed services, enterprise, or comparable operational environment. - Three (3) or more years directly engineering and administering Splunk environments, including Splunk Enterprise Security. - Demonstrated experience onboarding and normalizing data sources to a common data model (e.g., Splunk CIM). - Strong Linux and Windows proficiency. - Strong understanding of security concepts and operations. - Strong understanding of networking concepts and architecture. - Proficiency with data visualization tools and strong analytical skills. - Proficiency scripting in at least one of PowerShell, Bash, or Python. - Must be a citizen of the United States. Requirements - Splunk Enterprise Certified Architect and/or Splunk Certified Consultant. - Microsoft AZ-500 and/or SC-100/SC-200. - Google Professional Security Operations Engineer (PSOE). - Hands-on engineering experience across one or more additional platforms in NuHarbor's catalog. - Experience engineering and supporting platforms in a multi-tenant MSSP environment. - Experience engineering platforms in support of a 24x7 SOC or MDR operation. - Experience with vulnerability management technologies. - Experience with infrastructure-as-code and automation tooling (e.g., Terraform, Ansible). - Experience supporting SLG or education clients. - Excellent written and verbal communication skills. - A track record of managing and prioritizing multiple projects simultaneously. - An understanding of how businesses operate and how technical decisions affect business results. - Passion for security and customer service. Benefits - Engagement and support of company leadership. - Recognition and rewards for employee commitment and contribution. - Growth in your career and capabilities. - A collaborative and driven working environment. - A fun and social working environment. - Competitive salary and benefits, including paid time to give back in your community and generous PTO.

Splunk Linux Microsoft Windows PowerShell Shell Python Terraform Ansible

View details: Senior Security Engineer

United States

$130K - $175K / year

Apply

Product Security Engineer

Vercel

The platform for frontend developers. Creators and maintainers of Next.js.

Security Engineer1 day ago

Full Time Remote SeniorTeam 201-500Since 2016H1B Sponsor

Company Site LinkedIn

About Vercel:Vercel is the agentic infrastructure company. We free people and agents to ship what’s next. For more than a decade, Vercel has shaped how the web is built. As the team behind Next.js, v0, and AI SDK, we create products that help builders move from idea to production with speed, security, and exceptional developer experience. Now, software is entering a new era, and the next generation of products will not just be used by people. They will be built, extended, and operated by agents. We are building the platform for that future, trusted by companies like OpenAI, PayPal, Ramp, Supreme, and millions of developers worldwide. Whether you’re building our products, supporting our customers, growing our community, or shaping our story, you’ll help define what comes next. About the Role:We are looking for a Product Security Engineer to join our security team to drive critical product security initiatives across Vercel’s products and platform. Your core focus will be on threat modeling, open-source software security, secure code review, SDLC tooling, and bug bounty program management. You will support both our internal product engineering teams and customer-facing security programs, ensuring that security is embedded throughout our development lifecycle and that our platform earns the trust of developers and end-users alike. As a senior member of the team, you will lead cross-organizational security projects and champion a security-first culture within Vercel’s engineering organization. This is a high-impact role with broad scope – your work will not only secure Vercel’s core infrastructure and products (built with Next.js, Node.js, and serverless architecture), but also influence the security of the open-source ecosystems we contribute to. If you’re based within a pre-determined commuting distance of one of our offices (SF, NY, London, or Berlin), the role includes in-office anchor days on Monday, Tuesday, and Friday. If you're located beyond that distance, the role is fully remote. For location-specific details, please connect with our recruiting team. What You Will Do: - Threat Modeling & Design Review: Partner with engineering and product teams to perform threat modeling for new and existing features. Identify potential risks early in the design phase and recommend security controls or design changes to mitigate threats. You will ensure security concerns are addressed from the inception of features through deployment. - Secure Code Review: Conduct secure code reviews and security assessments on products and services built with Next.js, Node.js, and our serverless backend. You’ll uncover code-level vulnerabilities, provide actionable remediation guidance to developers, and establish best practices for secure coding across the engineering team. - Open Source Security Management: Oversee Vercel’s open-source security efforts. This includes monitoring and coordinating fixes for vulnerabilities in third-party open-source packages we use (as a consumer) and ensuring the security of the open-source projects we maintain and publish (as a contributor/publisher, e.g. Next.js). You will work with maintainers and the community on responsible disclosure and patching of security issues in open-source code. - SDLC Tooling & Automation: Evaluate, select, and integrate security tools into our Software Development Life Cycle. You will drive the implementation of automated security checks – for example, using GitHub Advanced Security (GHAS) and other static analysis, dependency scanning, and secret detection tools – directly in our CI/CD pipelines and GitHub workflows. By embedding security tooling into developer workflows, you will help catch issues early and reduce manual effort. - Bug Bounty Program Management: Own and expand Vercel’s bug bounty program. You will triage and validate incoming vulnerability reports from the security researcher community, ensure critical issues are promptly addressed, and coordinate cross-team efforts to remediate and learn from reported vulnerabilities. You’ll also work on making our bug bounty a world-class, researcher-friendly program, including refining policies, scope, and engagement to encourage high-quality submissions. - Cross-Organizational Security Initiatives: Lead and contribute to security projects that span multiple teams and disciplines. For example, you might drive a company-wide upgrade to a more secure framework, implement a new authentication/authorization mechanism in collaboration with product teams, or roll out a security awareness program for engineers. You will act as a security champion across the org, aligning stakeholders from Engineering, DevOps, Product, and other groups to implement lasting security improvements. - Customer-Facing Security Support: Work closely with customer success and product marketing on security-related initiatives that impact our users. This may involve contributing to security documentation and whitepapers, assisting with customer security questionnaires or audits by providing product security expertise, and communicating our security features and best practices to build customer trust in the platform. About You: - Experienced Security Engineer: You have 5+ years of experience in an Product Security or Product Security role (or related field), with a track record of securing web products and services. You’re well-versed in the fundamentals of product security and have hands-on experience finding and fixing vulnerabilities. - Web Tech Stack Proficiency: Strong familiarity with JavaScript/TypeScript and Node.js runtime security. Experience with modern web frameworks (ideally Next.js or React and Node-based frameworks) and understanding of their security considerations. You can read and review code in these technologies to spot security flaws. - Threat Modeling & SDLC Expertise: Demonstrated ability to perform threat modeling and architectural risk analysis for complex product. You understand how to integrate security into a fast-paced SDLC without slowing it down. Experience implementing or working with secure development lifecycle practices (secure design, code review, pentesting, etc.) is required. - Security Tools & Automation: Hands-on experience with product security tooling such as static product security testing (SAST), dynamic testing (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration. Familiarity with GitHub Advanced Security or similar tools for code scanning and secret detection is a strong plus. - Open Source and Supply Chain Security: Knowledge of open-source security best practices. You have experience dealing with open-source dependencies and package management security (e.g., handling vulnerability advisories, using tools like Dependabot or Snyk). Bonus if you have contributed to or maintained open-source projects, especially security-related ones. - Bug Bounty & Vulnerability Management: Exposure to running or participating in a bug bounty program or vulnerability disclosure process. You know how to assess externally reported issues, reproduce and validate vulnerabilities, and coordinate fixes. You stay up-to-date on the latest vulnerabilities (OWASP Top 10, emerging threats) and methods to mitigate them. - Cloud & Serverless Security Understanding: Solid understanding of cloud architecture and serverless environments from a security perspective. You are familiar with securing products on cloud platforms (e.g., securing serverless functions, protecting APIs, managing secrets and keys). Experience with related cloud security concepts or tools is a plus. - Technical Leadership: Proven ability to drive security initiatives and influence engineering teams to adopt best practices. You can work cross-functionally to achieve security goals – for example, rolling out a new security tool or standard across many engineers. (While we emphasize technical skills, this senior role requires you to effectively communicate and lead within the organization to get things done.) Bonus If You: - Have prior software development experience beyond security (e.g. as a frontend or backend engineer). Being able to empathize with developers and write or contribute code will help you integrate security seamlessly into development. - Hold relevant security certifications or recognitions (for example, OSCP, OSWE, CISSP, or notable bug bounty hall of fame entries). These demonstrate your depth of knowledge, though they are not required. - Experience with security policy-as-code or infrastructure as code security (for instance, using tools like Open Policy Agent, Terraform security checks, etc.). This shows you can bring security into the automation and infrastructure realm. - Have built or implemented security features in a product (such as authentication systems, encryption, secure CI/CD pipelines) or contributed to security community projects/tools. - Are an active participant in the security community (e.g., contributing to open source security projects, writing blog posts or research, attending or speaking at security conferences). A passion for continuous learning and sharing knowledge is always a plus on our team. Benefits: - Competitive compensation package, including equity. - Inclusive Healthcare Package. - Learn and Grow - we provide mentorship and send you to events that help you build your network and skills. - Flexible Time Off. - We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed. The San Francisco, CA base pay range for this role is $208,000.00 - $312,000.00. Actual salary will be based on job-related skills, experience, and location. Compensation outside of San Francisco may be adjusted based on employee location. The total compensation package may include benefits, equity-based compensation, and eligibility for a company bonus or variable pay program depending on the role. Your recruiter can share more details during the hiring process. Vercel is committed to fostering and empowering an inclusive community within our organization. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, national origin, citizenship, age, marital status, veteran status, disability status, or any other characteristic protected by law. Vercel encourages everyone to apply for our available positions, even if they don't necessarily check every box on the job description.

View details: Product Security Engineer

United States

$208K - $312K / year

Apply

Senior Security & Compliance Analyst

Energy Exemplar

In an era where the world is rapidly advancing towards a cleaner future through decarbonization, Energy Exemplar’s mission lies in ‘Empowering Transformative Energy Decisions’🪫☀️🍃 Founded in 1999 in Adelaide, Australia, our award-winning software portfolio encompassing the modeling and simulation platform PLEXOS®, Aurora, and Adapt2, is trusted by innovative organizations across the globe. Through our technology and people, we strive to enable stakeholders from across the entire energy value chain to revolutionize the energy ecosystem and to collaboratively plan and execute for a sustainable energy future with unprecedented clarity, speed, and innovation.

Security Engineer1 day ago

Full Time Remote SeniorTeam 675Since 1999

Role Description Reporting to the VP, Cloud Operations & GRC, the Sr. Security & Compliance Analyst will support the execution and continuous improvement of Energy Exemplar’s security, risk, compliance, vulnerability management, and AI governance programs across cloud and enterprise operations. - Support security and compliance programs aligned with ISO 27001, SOC 1, SOC 2, privacy, and emerging AI governance requirements. - Coordinate and drive vulnerability remediation activities across Engineering, Cloud Operations, IT, and Product teams to ensure remediation within defined EE SLAs. - Track and report security metrics, including MTTR, overdue vulnerabilities, remediation trends, audit findings, and compliance dashboards. - Proactively follow up and escalate unresolved vulnerabilities, audit findings, and compliance gaps. - Support continuous control monitoring, risk assessments, third-party risk management, policy management, access reviews, and audit activities. - Respond to customer security and compliance due diligence requests, audits, and questionnaires. - Support AI governance, security, and compliance initiatives, including assessment of AI-related risks, emerging regulations, and industry standards (e.g., ISO 42001, EU AI Act, privacy requirements). - Assist in evaluating AI-enabled solutions and third-party AI services for security, privacy, compliance, and responsible AI considerations. - Monitor emerging cybersecurity threats, privacy regulations, and industry compliance requirements. - Collaborate with cross-functional teams to drive remediation and continuous improvement initiatives. Qualifications - 6–8 years of experience in Governance, Risk & Compliance (GRC), cybersecurity, information security, or risk management. - Strong understanding of ISO 27001, SOC 1 / SOC 2, GDPR/privacy principles, vulnerability management, and security controls. - Experience in Energy / Utilities sector security and compliance requirements (e.g., CEII or critical infrastructure requirements). - Experience coordinating vulnerability remediation programs, tracking SLA compliance, MTTR metrics, and executive reporting. - Experience supporting audits, customer security reviews, and compliance programs. - Familiarity with emerging AI governance, privacy, and security frameworks (e.g., ISO 42001, EU AI Act, responsible AI principles) preferred. - Strong communication, organizational, stakeholder management, and follow-up skills. - Ability to work independently and proactively drive outcomes across distributed teams. Requirements - Preferred Certifications: CISSP, CISA, ISO 27001 Lead Implementer/Auditor, or similar certifications. - AI governance/privacy certifications are a plus. Benefits - Energy Exemplar is proud to be an equal opportunity employer. - We celebrate diversity and are committed to creating an inclusive environment for all team members. - We welcome applications from people of all backgrounds, experiences, identities, and abilities. - Please let us know if you require accommodations at any stage of the recruitment process—we're here to support you in showcasing your full potential.

AI Observability/Monitoring

View details: Senior Security & Compliance Analyst

Worldwide

Apply

3,496more opportunities are still waiting for you.Log in now and take your next shot before someone else does.