Exostar

Information Security Engineer

Exostar$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of hands-on experience in secure architecture and security controls for cloud environments.
  • Familiarity with evaluating system architecture, network diagrams, and technical design documentation.
  • Experience in threat modeling, risk assessments, and control gap assessments.
  • Knowledge of security integration into the SDLC and CI/CD pipelines.
  • Collaborative skills with engineering and infrastructure teams for remediation processes.
  • Understanding of network security concepts like segmentation, firewalls, and secure design principles.
  • Proficient in identity and access technologies like Active Directory and MFA.

Responsibilities

  • Assess and design secure architecture for cloud environments, covering various security aspects.
  • Engage with teams to implement security requirements into technical designs and controls.
  • Review architectural changes for security implications and provide guidance.
  • Develop documentation for technical control implementation, ensuring clarity and utility.
  • Provide hands-on engineering support to validate control effectiveness and remediate issues.
  • Conduct threat modeling and security risk assessments, coordinating mitigation strategies.
  • Support compliance frameworks through engineering support, producing necessary documentation and evidence.

Benefits

  • Opportunity to work within a cutting-edge Information Security Office.
  • Collaborative team environment with direct engagement with multiple technical teams.
  • Access to professional development opportunities and skill enhancement.
  • Involvement in shaping security architecture and controls across varied environments.
  • Exposure to audits and compliance processes, enhancing your industry knowledge.
Full Job Description
Position Overview:

This position will serve as a member of the Exostar Information Security Office and will report to the Manager of Governance & Engineering. This role is responsible for designing and implementing technical security controls across application, cloud, identity, and PKI environments. The successful candidate will work directly with DevOps, application, and operations teams to engineer controls and satisfy security framework requirements. This role is ideal for a security engineer who can assess architecture, identify control gaps, implement remediation, and technically validate implementation effectiveness.

This role is ideal for candidates that have a skillset focused on engineering credibility, architectural judgment, and the ability to operate confidently with technical teams, auditors, customers, and leadership.

Responsibilities: Your day if you join us:

Security Architecture & Control Implementation
  • Assess, design, and provide guidance on secure architecture for cloud environments, including IAM, PKI, access, network, and platform services.
  • Engage directly with infrastructure, platform, and development teams to translate security requirements into implementable technical designs and controls.
  • Review proposed system changes, architecture diagrams, network flows, identity integrations, and control implementations for security implications.
  • Develop technical control implementation guidance, including diagrams, control narratives, configuration expectations, and test procedures.
  • Provide hands-on engineering support for control effectiveness through configuration review, evidence inspection, technical testing, log review, and remediation verification.
  • Perform threat modeling and security risk assessments and coordinate actionable mitigation strategies.

Compliance Engineering & Governance
  • Provide engineering support for controls aligned to frameworks such as PKI, identity certification, CMMC L2, FedRAMP Moderate, ISO/IEC 27001, IAM, SOC 2, etc.
  • Produce technical control descriptions that reflect security architecture, implementation, and operational behavior to create defensible control narratives to auditors and customers.
  • Produce SSPs, POA&Ms, control narratives, and audit responses where engineering interpretation is required.
  • Support audits and customer assessments by explaining technical controls, gathering defensible evidence, and validating that evidence against control intent.
  • Improve the repeatability and quality of evidence collection, control validation, and remediation tracking.

Qualifications:

You are a great fit for this role if you:
  • 5+ years of hands-on experience evaluating secure architecture and implementing security controls in cloud environments.
  • Experience evaluating system architecture, network diagrams, data flows, identity integrations, and technical design documentation.
  • Experience performing threat modeling, technical risk assessments, security design reviews, and control gap assessments.
  • Experience integrating security into the SDLC, including CI/CD pipelines, Agile delivery, and DevSecOps practices.
  • Experience collaborating with engineering, infrastructure, DevOps, cloud, IAM, and operations teams to drive remediation to closure.
  • Strong understanding of network security concepts, including segmentation, firewalls, proxies, DNS, TLS, VPN/IPSec, routing, ingress/egress control, and secure network design.
  • Experience with identity and access technologies such as Active Directory, Entra ID/Azure AD, SAML, OIDC, MFA, privileged access, role-based access control, and identity federation.
  • Demonstrated experience authoring technical control narratives, technical audit documentation, and supporting evidence.
  • Experience supporting audits and assessments such as SOC 2, ISO 27001, etc.
  • Strong written and verbal communication skills with the ability to explain technical concepts to auditors, leadership, and business stakeholders.
  • Significant experience using Jira and Confluence.
  • Ability to pass background investigation to attain and maintain Trusted Role access to company systems.

Preferred Qualifications:

You are exactly who we are looking for if you
  • CMMC CCA or CCP certification.
  • FedRAMP audit lead or hands-on control implementation experience
  • CISSP and other similar technical certifications
  • Experience implementing Governance, Risk, and Compliance (GRC) tools
  • Experience with managing, securing, and auditing Public Key Infrastructure (PKI), including the certificate lifecycle management.
  • End-point Protections (HIPS/HIDS)
  • Demonstrated experience designing multi-tier, highly available, multi-threaded, scalable architectures.
  • Experience with web application programming, Java, APIs, or application-adjacent security engineering.
  • Secure development frameworks (e.g. OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, etc.)
  • Business Continuity and Disaster Recovery planning
  • Data Loss Prevention (DLP)
  • Data Labeling and Information Rights Management

Education:
  • Bachelor's degree from an accredited university in IT related discipline

About Exostar

Industry
Founded
2000

Similar Jobs

More Jobs at Exostar

More Information Technology Jobs

Find similar Information Security Engineer jobs: