Security Engineer

Brief Description The Security Engineer is responsible for designing, implementing, and improving security controls across one or more security domains, such as identity, endpoint, detection and response, cloud, network, application, or data security. This role partners closely with cross‑functional teams to reduce risk, improve control maturity, and support secure business operations through hands‑on engineering, technical guidance, and measurable security outcomes. While each Security Engineer maintains primary responsibility for specific security domains, the role is designed to be flexible, enabling engineers to support and contribute across multiple practice areas as organizational needs evolve.     Specific Duties Specific responsibilities will vary based on assigned security practice areas; however, all Security Engineers are expected to contribute across domains and collaborate to support overall security objectives.   Security Engineering & Operations Implement, manage, and improve security controls across one or more domains, including identity, endpoint, detection and response, network, cloud, application, or data security. Investigate security alerts, events, and incidents; support containment, remediation, and post-incident improvements. Develop, tune, and maintain detection logic based on system, user, and network activity. Identify security gaps, misconfigurations, and exposure risks; recommend and implement corrective actions.   Identity & Access Management Implement and manage authentication and authorization controls. Support identity governance processes, including access reviews and lifecycle management. Enhance controls for privileged and non-human identities.   Vulnerability & Risk Management Identify, prioritize, and track remediation of vulnerabilities across systems and platforms Partner with IS and engineering teams to drive timely remediation and risk reduction. Improve vulnerability scanning coverage, prioritization, and reporting processes.   Cloud, Network, Application, and Data Security Secure cloud environments and SaaS platforms through configuration review and monitoring. Support network security controls such as segmentation, remote access, and traffic analysis. Identify and remediate application security risks across the software development lifecycle. Support implementation of controls to protect sensitive data across storage, transmission, and processing workflows.   Practice Ownership & Project Oversight Maintain security standards, control requirements, and technical guidance within assigned practice areas. Define and validate security requirements, deliverables, and acceptance criteria for initiatives impacting the practice domain. Support security scoping and risk assessments for enterprise initiatives. Track security-related milestones and escalate material deviations from standards when necessary.   Metrics & Reporting Develop and maintain metrics related to control maturity, risk posture, and initiative progress. Provide regular reporting and insights to security leadership and stakeholders.     Knowledge/Skills Required/Preferred  Personal: Demonstrates strong ownership and accountability for assigned responsibilities. Proactively identifies opportunities to improve security controls and processes. Operates effectively in ambiguous environments and makes sound, risk-informed decisions. Maintains a collaborative mindset focused on enabling the business securely. Communicates clearly and professionally with both technical and non-technical stakeholders.   Professional: Ability to collaborate effectively with IS, application owners, vendors, and business stakeholders. Strong analytical and problem-solving skills, with the ability to assess complex security issues. Ability to manage multiple priorities and deliver work in a structured and timely manner. Strong written and verbal communication skills, including the ability to document standards, processes, and configurations. Ability to influence stakeholders and drive adoption of security controls and standards.   Technical: Solid understanding of core security principles such as authentication, authorization, least privilege, and system hardening. General familiarity with enterprise IT environments across operating systems, networks, and cloud platforms.     Education/Experience Education: Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field, or equivalent practical experience.   Experience: 5+ years of experience in security engineering or a related field. Demonstrated depth in at least one security domain (e.g., identity, detection and response, endpoint, network, cloud, application, or data security), with working exposure across multiple domains and the ability to adapt to new practice areas over time. Experience designing, implementing, and supporting security controls in enterprise environments. Experience working with security technologies such as endpoint protection platforms, logging and monitoring solutions, access control systems, and cloud security configurations. Experience investigating, troubleshooting, and resolving complex security issues across systems and platforms. Experience collaborating with cross-functional teams to reduce risk and improve security posture.   Related certifications: Relevant certifications such as CISSP, CISM, or similar are preferred but not required     Additional Criteria Schedule flexibility to allow for availability required during the CAP’s non-business hours for activities such as resolution of critical issues or outages, managing off-hours maintenance, meetings with offshore teams, or other critical business needs. Travel is required when necessary; expected to be less than 10%.Travel required when necessary; expected to be less than 10%. Candidates must reside within 75-miles of the Northfield, IL office and meet in office requirements. Salary: $87,000 - $111,000