While this position is WORK FROM HOME, we are only registered and can proceed with qualified candidates who reside and will work in one of the following US states: AL, AZ, FL, GA, MI, MS, NE, NC, OH, OK, TN, TX. No exceptions. No relocation assistance is available.

Must be eligible to work in the US without employment sponsorship.

Job Description

Job Title: Engineer - Cybersecurity Operations

Department: IT Security & Support FLSA Status: Exempt Job Status: FT

Reports To: Director of Fraud Prevention & Risk

Work Schedule: Remote, core working hours between 9am-3pm EST, but occasional after-hours support as needed.

Position Summary

Cybersecurity Engineer with a primary focus on vulnerability and patch management, especially in Microsoft Azure. This role is responsible for keeping our cloud servers, workloads, and endpoints securely configured and up to date. The ideal candidate has practical experience running patch cycles and remediating vulnerabilities in Azure, coordinating with IT teams, and steadily driving down risk.

What You Will Focus On

Approximate time allocation:

• 60% - Azure vulnerability & patch management
• 30% - cloud servers / endpoint patching and configuration hardening
• 10% - Basic security operations support (ticket triage, simple incident support, reporting)

Key Responsibilities

Azure Vulnerability & Patch Management (Primary)
• Own the vulnerability and patch management process in Azure for VMs, PaaS workloads, and core services.
• Use tools such as Defender for Cloud / Azure Security Center, Azure Update Management, Intune, and vulnerability scanners (e.g., Tenable Nessus) to:

o Identify and validate vulnerabilities and missing patches

o Classify and prioritize findings (critical/high/medium)

o Coordinate and track remediation to closure
• Work with infrastructure/DevOps teams to define standard patching windows, maintenance plans, and rollback procedures.
• Monitor Azure security posture dashboards and ensure patch and configuration baselines are maintained.

Cloud & Endpoint Patch Management
• Support patching and configuration hardening for cloud servers and endpoints, leveraging existing IT tools (e.g., SCCM, Intune, or equivalent).
• Align on prem patching cadence with Azure patching to reduce overall risk and avoid drift.
• Validate successful deployment of patches and address failed/exception hosts with IT.

Coordination, Reporting & Process Improvement
• Work closely with IT and DevOps to plan patch windows, test changes, and minimize business disruption.
• Maintain clear documentation of vulnerability backlogs, exceptions, approvals, and remediation status.
• Produce simple, understandable reports for management on:

o Outstanding critical/high vulnerabilities

o Patch compliance by system group/environment

o Trends over time (improvement vs. backlog growth)
• Contribute to and improve standard operating procedures for vulnerability and patch management.

Security Operations Support (Secondary)
• Assist with triage of basic security tickets and alerts related to vulnerabilities, misconfigurations, or outdated software.
• Participate in an on call rotation for critical patching issues or security incidents related to your scope.
• Support incident response by quickly assessing patch/vulnerability exposure when needed.

Required Skills and Qualifications
• Bachelor's degree in Computer Science, Information Security, or related field; or equivalent hands on experience.
• Experience in a security, systems, or cloud engineering role with ideally direct responsibility for patching and/or vulnerability remediation.
• Exposure to or demonstrated hands on experience with Microsoft Azure in one or more of the following:

o Azure VMs and Azure Update Management

o Defender for Cloud / Azure Security Center

o Intune or similar for endpoint management
• Practical experience with at least one vulnerability scanning tool (e.g., Tenable Nessus, Qualys, Rapid7) and interpreting/prioritizing results.
• Strong understanding of:

o Operating system patching (Windows Server; Linux a plus)

o Basic configuration hardening concepts (CIS benchmarks, least privilege, etc.)
• Ability to work through patching conflicts, testing, and exceptions with IT and application owners.
• Clear, concise communication skills.

Preferred Experience
• Experience in a cloud first or hybrid environment with a significant Azure footprint.
• Prior work in a vulnerability management or patch management-focused role.
• Familiarity with:

o Defender for Cloud, Azure Security Center, Azure Policy

o Intune, SCCM, or similar endpoint management tools

o NIST / CIS Controls as they relate to patching and configuration management
• Scripting/automation experience (e.g., PowerShell, Azure CLI, Python) to streamline patching and reporting.
• Exposure to SIEM tools (e.g., Microsoft Sentinel, Splunk) sufficient to pull data for reporting or basic investigations (not a core requirement).

Tools & Technologies (Focus Areas)

You do not need experience with every product listed, but you should be comfortable working with similar tools:
• Azure Security & Management: Defender for Cloud / Azure Security Center, Azure Update Management, Azure Policy, Intune
• Vulnerability Management: Tenable Nessus or equivalent
• Endpoint / Server Management: Intune, SCCM, or similar tools
• Automation & Scripting: PowerShell, Azure CLI, basic Python (nice to have)

Work Environment & Expectations

• Remote work within one of the eligible states listed above.
• Core working hours between 9:00 a.m. and 3:00 p.m. ET, with flexibility around those hours.
• Participation in an on call rotation for critical patching or security issues.
• Home office requirements:

o For all virtual remote positions, in order to ensure associates can effectively perform their job duties with no distractions, we require an uninterrupted virtual workspace.

o Additionally, there is an internet work speed requirement of 100 MBps or better. If you are unsure of your internet speed, please check with your service provider. Please ensure that you are able to meet these expectations before applying as adequate home work environment and the required internet connection is a non-negotiable requirement of remote employment.

What's in it for you Package
This role will have a base salary range of $80,000-120,000 Please know, this is the base range only and does not consider other components that make up the total rewards package for this role. This position is also eligible for an annual performance bonus.

Other perks in the total rewards package are:
• Flexible work environment
• Participation in Personal Annual Performance Bonus incentive program
• Medical, Dental, Vision, and Life Insurance
• 75% employer coverage of Medical Premiums
• Retirement Savings - 401(k) plan with generous company match, vested after 2 years
• Tuition Reimbursement up to $5,250/year
• Generous Paid Time Off upon hire - plus quarterly Work/Life Balance days and paid holidays
• Paid Parental Leave
• Voluntary Pet Insurance, Lifelock and More!
• 24/7 no-cost Employee Assistance Program (EAP)