What you will do Maintain AgileEngine's Information Security Framework and underlying policies, procedures and guidelines; Design and implement controls to ensure that security requirements are met; Develop and integrate security solutions and technologies; Implement security best practices, hardening guidelines and protection profiles; Perform ongoing security monitoring of information systems, including assessing information security risk through risk analysis; Conduct gap analysis and vulnerability assessments on a regular basis and consult in mitigating vulnerabilities; Manage and configure various security tools (SIEM, SOAR, HIDS/NIDS, WAF, etc.); Response to security incidents and vulnerability management processes; Evaluate and recommend new information security technologies and counter-measures against threats to information and systems; Conduct periodic internal information security audits; Help create effective staff training programs to increase security awareness across AgileEngine. Must haves 2+ years of experience in information security; Upper-intermediate in spoken and written English; Strong understanding of information security principles, practices, and methodologies; Knowledge of at least one security standard: ISO/IEC 27001, NIST CSF, PCI DSS, or SOC 2; Practical experience in developing and writing security policies and procedures; Hands-on experience with the incident response process, including detection, investigation, and mitigation; Excellent written communication skills, with the ability to produce clear, concise, and well-structured reports; Strong analytical skills, with the ability to assess complex systems, identify security issues, and devise effective solutions. Nice to haves Familiarity with cloud architectures and secure network design principles; Understanding of troubleshooting techniques relevant to security and systems management; Experience with operating system hardening and secure configuration practices; Hands-on experience with vulnerability assessment tools; Practical experience using SIEM and other security monitoring tools. #J-18808-Ljbffr