Hidden Roles
Get Started
Back to all jobs
fulcrumglobaltechnologies logo

Senior Information Engineer

fulcrumglobaltechnologies
Schaumburg1mo ago
Apply
Seniority
Senior

About the role

<h2>Position Summary</h2> <p>The Fulcrum GT Senior Information Engineer will lead the design, implementation, and management of controls that support enterprise-level security frameworks and compliance. This role will be responsible for ensuring that Fulcrum GT maintains a robust security posture across multiple standards including SOC 2, ISO/IEC 27001, ISO/IEC 42001, CSA STAR Level 2, and CyberEssentials+. The Fulcrum GT Senior Information Engineer Manager will possess deep technical expertise in implementing and managing security controls across enterprise infrastructure, identity systems, and cloud environments.</p> <h2>Key Responsibilities</h2> <ul> <li>Design, implement, and maintain security controls that support compliance with SOC 2 Type II, ISO/IEC 27001, ISO/IEC 42001, CSA STAR Level 2, and CyberEssentials+ standards.</li> <li>Oversee the enterprise Identity and Access Management (IAM) program, including role-based access controls, privileged access management, and access governance processes.</li> <li>Manage secure authentication systems including multi-factor authentication (MFA) and single sign-on (SSO).</li> <li>Implement and maintain malware protection solutions across endpoints, servers, and cloud workloads, including next-generation antivirus and endpoint detection and response (EDR) platforms.</li> <li>Design and enforce data loss prevention (DLP) strategies and technologies to protect sensitive information across email, endpoints, network, and cloud environments.</li> <li>Establish and maintain IT asset configuration management processes, including configuration baselines, change control, and automated compliance monitoring.</li> <li>Lead the technical vulnerability management program, including vulnerability scanning, assessment, prioritization, remediation tracking, and exception management.</li> <li>Collaborate with VP, Director of Infrastructure, and CISO to architect and implement cloud security controls across GCP and Azure.</li> <li>Oversee physical security monitoring systems, including access control systems and integration with logical security controls.</li> <li>Collaborate with VP and CISO on security assessments, gap analyses, and remediation efforts.</li> <li>Collaborate with external auditors during security assessments, audits, and certification processes.</li> <li>Provide technical leadership and mentorship to the security team, fostering a culture of continuous improvement and security awareness.</li> </ul> <h2>Core Technical Expertise</h2> <p><strong>Identity and Access Management (IAM)</strong></p> <ul> <li>Extensive experience with enterprise IAM platforms.</li> <li>Implementation of RBAC, ABAC, and least-privilege access models.</li> <li>Privileged access management (PAM) and secrets management solutions.</li> <li>Identity lifecycle management and automated provisioning/de-provisioning.</li> </ul> <p><strong>Secure Authentication</strong></p> <ul> <li>Multi-factor authentication (MFA) implementation and enforcement.</li> <li>Single sign-on (SSO) integration and federation protocols (SAML, OAuth 2.0, OIDC).</li> <li>Certificate-based authentication and PKI management.</li> </ul> <p><strong>Malware Protection</strong></p> <ul> <li>Enterprise antivirus and anti-malware deployment and management.</li> <li>Endpoint detection and response (EDR) and extended detection and response (XDR) platforms.</li> <li>Threat intelligence integration and automated response capabilities.</li> <li>Malware analysis and incident response procedures.</li> </ul> <p><strong>Data Loss Prevention</strong></p> <ul> <li>Enterprise DLP solution implementation.</li> <li>Data classification and labeling strategies.</li> <li>Content inspection and policy enforcement across network, endpoint, and cloud.</li> <li>Encryption and tokenization technologies for data protection.</li> </ul> <p><strong>IT Asset Configuration Management</strong></p> <ul> <li>Configuration management tools.</li> <li>Security baseline development and enforcement.</li> <li>Automated compliance scanning and drift detection.</li> <li>Infrastructure as Code (IaC) security and configuration validation.</li> </ul> <p><strong>Technical Vulnerability Management</strong></p> <ul> <li>Vulnerability assessment tools.</li> <li>Vulnerability prioritization.</li> <li>Patch management processes and automation.</li> <li>Penetration testing coordination and vulnerability validation.</li> </ul> <p><strong>Physical Security Monitoring</strong></p> <ul> <li>Physical access control systems (PACS) and badge management.</li> <li>Integration of physical and logical security controls.</li> </ul> <h2>Compliance and Standards Expertise</h2> <ul> <li><strong>SOC 2 Type II: </strong>Understanding of Trust Service Criteria and evidence requirements for security, availability, processing integrity, confidentiality, and privacy.</li> <li><strong>ISO/IEC 27001: </strong>Experience in supporting an Information Security Management System (ISMS) and Annex A controls.</li> <li><strong>ISO/IEC 42001: </strong>Knowledge of AI Management System requirements and controls for artificial intelligence governance.</li> <li><strong>CSA STAR Level 2: </strong>Familiarity with Cloud Controls Matrix (CCM) and Cloud Security Alliance attestation requirements.</li> <li><strong>CyberEssentials+: </strong>Understanding of UK government cyber security certification requirements including boundary firewalls, secure configuration, access control, malware protection, and patch management.</li> </ul> <h2>Required Qualifications</h2> <ul> <li>Bachelor's degree in Computer Science, Information Security, or related technical field (or equivalent experience).</li> <li>Minimum 7-10 years of experience in IT or information security, with at least 3 years in a leadership role.</li> <li>Hands-on technical experience implementing and managing security controls in enterprise environments.</li> <li>Deep understanding of security frameworks including NIST CSF, CIS Controls, and MITRE ATT&amp;CK.</li> <li>Knowledge of emerging technologies including AI/ML security, zero-trust architecture, and DevSecOps.</li> <li>Scripting and automation skills (e.g., Python, PowerShell, Bash, Terraform).</li> </ul> <h2>Key Competencies</h2> <ul> <li>Ability to align security initiatives with business objectives.</li> <li>Strong analytical and problem-solving abilities.</li> <li>Continuous learning mindset to stay current with evolving threats and technologies.</li> <li>Collaborative approach with ability to work across technical and business teams.</li> </ul> <p><strong>Benefits</strong></p> <ul> <li>Competitive Health, Dental and Vision Insurance&nbsp;&nbsp;</li> <li>Pet Insurance</li> <li>401k</li> <li>Flexible schedule</li> <li>Paid Holidays plus Paid Time Off</li> </ul> <p><strong>Job Type</strong>&nbsp;</p> <ul> <li>Full-time</li> </ul> <p><strong>Language</strong>&nbsp;</p> <ul> <li>English (Required)</li> </ul>

Perks & benefits

  • 401k
  • Vision Insurance
  • Paid Time Off

747,000+ hidden jobs like this

fulcrumglobaltechnologies and thousands of companies post here first — often days before LinkedIn or Indeed. Your first 5 applications are free; go Pro to apply without limits.

Everything Pro unlocks:

  • Unlimited applications — free stops at 5
  • Track every application in one place
  • Apply straight to the source, one click
  • Save & organize roles you love
  • Roles pulled from company boards before the big sites

Weekly

$9.99
$4.99/week

For an active search. Cancel anytime.

Get Weekly
Most popular

Monthly

$24.99
$12.99/month

The smart pick. Save 35% vs weekly.

Get Monthly

Lifetime

$99
$49.99once

Pay once. Every future feature, forever.

Get Lifetime