Information Security Engineer

The Information Security Engineer at StarCompliance plays a pivotal role in supporting the company's information security program. Reporting to the Information Security Associate Director, this position collaborates with cross-functional teams to safeguard systems, data, and clients, while gaining comprehensive experience in security operations, risk management, and compliance.

Key responsibilities include implementing and maintaining information security policies, standards, and procedures. The role involves monitoring security tools, alerts, and logs, particularly utilizing SIEM platforms and Endpoint Detection and Response (EDR) tools. Additionally, the engineer supports incident response activities, conducts third-party vendor security reviews, prepares documentation for audits, and maintains security registers and risk logs.

Candidates should possess a solid understanding of information security principles and risk management concepts, along with familiarity with cloud environments, SaaS applications, or enterprise IT systems. Strong attention to detail, effective communication skills with both technical and non-technical stakeholders, and the ability to manage multiple priorities are essential. A degree in Cyber Security, Information Security, Computer Science, Information Technology, or a related field, or equivalent practical experience, is required. Preferred certifications include CompTIA Security+, BCS Foundation Certificate in Cyber Security, ISO/IEC 27001 Foundation, or NCSC-aligned training or certifications.

StarCompliance offers a dynamic work environment that emphasizes integrity and ethics, providing opportunities for professional growth and development in the field of information security.