Infrastructure Security Engineer

Title: Infrastructure Security Engineer

Duration: Contract (potential to go FTE)

Location: Downtown Denver (Hybrid - 3 days onsite)

Salary Range: Competitive, based on experience

Summary

Seeking an experienced Infrastructure Security Engineer to strengthen and safeguard enterprise systems and networks. This role focuses on implementing advanced security frameworks, managing identity and access controls, and responding to security incidents. The ideal candidate will have deep expertise in identity management within data center environments, strong incident response capabilities, and a solid foundation in network security.

Responsibilities

• Design and enforce security strategies to protect critical infrastructure, systems, and networks.


• Implement and maintain Zero Trust architecture, ensuring least-privilege access and continuous verification.


• Deploy and optimize security tools for monitoring and threat detection.


• Investigate and respond to high-risk security events and incidents.


• Perform system hardening and enforce security policies across infrastructure.


• Manage DNS configurations and remediate vulnerabilities identified through penetration testing.


• Conduct attack surface analysis and proactive threat hunting.


• Collaborate with IT and operations teams to maintain compliance and secure environments.


• Participate in on-call rotation to provide 24/7 security coverage.


• Serve as a technical escalation point for identity and security-related issues.

Skills

• Identity Management expertise in data center and OT environments (top priority).


• Strong background in Incident Response and Digital Forensics.


• Solid understanding of Network Security principles; experience with Palo Alto firewalls is highly desirable.


• Familiarity with Zero Trust frameworks and security hardening practices.


• Proficiency in DNS management, policy enforcement, and vulnerability remediation.


• Ability to lead projects and provide subject matter expertise across security domains.

All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance.