[Remote] Senior Security Engineer
Note: This is a remote position open to candidates in the USA. ARC-One Solutions is focused on delivering reliable and secure infrastructure for product development. As a Senior Security Engineer, you will protect digital assets through the management and optimization of security technologies and collaborate with various teams to enhance security posture.
Responsibilities
- Deliver reliable, secure, and compliant infrastructure that enables rapid and safe product development
- Strong security posture integrated into all Cloud and DevOps workflows
- Clear processes, documentation, and governance supporting regulatory audits with confidence
- Deploy and manage EDR solutions across enterprise endpoints including workstations, servers, and mobile devices
- Administer SIEM platform including log source onboarding, parsing, and correlation rule development
- Create dashboards and reports for security metrics, compliance, and executive visibility
- Serve as escalation point for security incidents following established procedures
- Develop and maintain incident response playbooks for common attack scenarios
- Participate in tabletop exercises and conduct post-incident reviews to improve security posture
- Establish and maintain a continuous vulnerability management program
- Monitor threat intelligence sources for emerging threats, exploit activity, and vulnerabilities affecting the organization
- Integrate vulnerability data with SIEM and EDR for enhanced threat correlation
- Stay current with emerging threats, attack techniques, and security technologies
- Investigate and respond to reported phishing emails and business email compromise (BEC) attempts
- Create and tune DLP policies to prevent unauthorized data exfiltration while minimizing false positives
- Collaborate with business units to understand data flows and implement appropriate DLP controls
- Conduct training sessions on security best practices
- Stay up to date on the latest IT trends and technologies
Skills
- Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or related fields. Equivalent work experience may be considered in lieu of a degree
- 5+ years of progressive experience in Cyber Security Engineering
- Experience conducting incident response investigations and forensic analysis
- Have a track record of managing security incidents from detection through resolution
- Experience securing AWS or Azure environments, including container orchestration (Kubernetes)
- Understand security frameworks (NIST CSF, CIS Controls, ISO 27001, MITRE ATT&CK)
- Knowledge of compliance requirements (PCI DSS, HIPAA, SOX, GDPR) as applicable
- Experience operating in highly regulated environments, ideally medical devices (ISO 13485, IEC 62304) or similarly regulated fields
- Strong understanding of secure software development practices and Cloud security
- Strong incident response, reliability engineering, and operational excellence mindset
- Scripting skills for automation of administrative and security processes
- Comfortable with virtualization and containerization technologies
- Understanding of software development life cycle (SDLC) and Agile methodologies
- Experience working in a SaaS-based product development organization or FDA-regulated medical device environment desired
- Microsoft, Cloud, and Security certifications are a plus
Benefits
- Flexible work hours in a fun collaborative environment.
- Working remotely requires a reliable internet connection.
- Must have the ability to travel as needed for company meetings.
Company Overview