Overview
Remote
Hybrid
Accepts corp to corp applications
Contract - W2
Contract - Long Term
Skills
Python
Logging
Operations
Amazon Elastic Compute Cloud
Terraform
Splunk
Scripting
Technical Documentation
Networking
Segmentation
Continuous Integration/Delivery
Github
Azure Devops
GCP
VPN
ADFS
BGP
SAML
Shell Scripting
firewall
IaaS
ARM
Governance
network security
SSO
Audit
Change Management
nist
Provisioning
Risk Assessment
Incident Response
Identity and Access Management
System Level
ISO 27001
Security Architecture
JIT
SIEM
Model Design
Forensics
Job Details
Title: Security Engineer
Position Type: Contract
Location: Remote across the USA/ Canada
Job Description:
Cloud & Hybrid Infrastructure
- Azure IaaS / Entra ID (Azure AD) | Advanced | Critical | Identity, network security groups, conditional access
- AWS EC2 / IAM / VPC | Intermediate | Medium | Optional but preferred
- Google Cloud Platform Compute / IAM / VPC | Intermediate
- Azure Policy, Defender for Cloud | Intermediate | High | Enforce cloud compliance / secure posture
- Hybrid networking (VPN, ExpressRoute, BGP) | Intermediate | High | Secure cross-environment connectivity
- Infrastructure as Code (Terraform, Bicep, ARM templates) | Intermediate | High | Automate deployments with embedded security controls
- Azure Arc / hybrid management | Nice to Have | Low | Optional advanced hybrid management
Security Architecture & Design
- Defense-in-Depth Implementation | Expert | Critical | Expect depth across endpoint, identity, network, data
- Zero Trust Architecture (NIST SP 800-207) | Advanced | High | Network segmentation, JIT access, strong identity enforcement
- Secure configuration frameworks (CIS, STIGs) | Advanced | Critical | Hands-on enforcement, validation via automation
- PAM (e.g., Delinea Secret Server, CyberArk, BeyondTrust, Azure PIM) | Intermediate | High | Tiered admin access enforcement
- Identity Federation / SSO (SAML, OIDC, SCIM) | Intermediate | Medium | Identity flow understanding and ADFS/SSO config
- Micro-segmentation / Firewall policy design | Intermediate | High | Expect examples from past experience
Security Monitoring & Operations
- Endpoint Detection & Response (CrowdStrike, Defender, etc.) | Intermediate | High | Implementation & policy tuning
- SIEM (Logscale, Sentinel, Splunk, etc.) | Intermediate | High | Logging pipelines, custom alert logic
- Patch & configuration management (Tanium, SCCM, Ansible) | Advanced | High | Secure baselining, policy compliance automation
- Threat modeling / system-level risk assessment | Advanced | High | Real-world experience identifying & mitigating threats
- Forensics & incident response support | Intermediate | Medium | Tier-3 involvement in past incidents preferred
Automation & Scripting
- PowerShell (incl. secure AD/Azure scripting) | Advanced | Critical | Infrastructure provisioning & config validation
- Python / Bash | Intermediate | Medium | Automation tasks and system orchestration
- CI/CD integration (GitHub, Azure DevOps) | Intermediate | Medium | Security control in release pipelines
Compliance & Governance
- NIST 800-53 / 800-171 / FedRAMP / ISO 27001 / SOC2 | Working Knowledge | High | Must understand how to implement controls
- Logging & audit strategy design | Advanced | High | Immutable logging, log routing to SIEM
- Tiered access model design | Advanced | High | Tier 0 2 account and system separation
Soft Skills
- Technical documentation & architecture diagrams | Advanced | High | Ability to communicate with both technical & non-technical
- Incident response collaboration | Advanced | High | Cross-team coordination experience
- Communication with leadership / compliance teams | Intermediate | High | Can explain risk posture and system design to executives
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.