Information Security Engineer

Information Security Engineer
Remote | Product and Development | Full-Time

WHO WE ARE

Headquartered in Nashville, Tenn., Ncontracts leads the industry in integrated risk management and compliance solutions, serving over 5,000 financial institutions nationwide. As a six-time Inc. 5000 Fastest Growing Companies honoree and consistent year-over-year recipient of "Best Places to Work" awards, we offer a thriving, work environment where career growth and life-work balance go hand in hand.

At Ncontracts, you'll join a team of industry experts dedicated to strengthening the financial services sector through innovation and thought leadership. We're seeking creative, collaborative, and self-driven professionals across all areas of our business - from developing cutting-edge solutions to sales, marketing, customer support, and beyond. Join us in our mission to make the financial industry stronger and more resilient, while advancing your career in a supportive, dynamic environment that values your unique skills and perspectives.

The Role

The Information Security Engineer reports to the Information Security Manager and is responsible for designing, implementing, and maintaining security-related technologies and controls. This role ensures compliance with NIST and SOC2 frameworks, supports vulnerability management and incident response efforts, and helps safeguard sensitive information. The engineer will collaborate with cross-functional teams, provide technical mentorship, and drive continuous improvements in the company's cybersecurity posture. Evening and weekend work may be required based on job duties. 

Responsibilities 

• Design, implement, and maintain security-related technologies and controls. 
• Ensure compliance with NIST and SOC2 frameworks. 
• Develop cybersecurity policies, procedures, standards, playbooks, and training materials. 
• Conduct security audits, risk assessments, and penetration testing. 
• Support vulnerability management, threat intelligence, and incident response efforts. 
• Investigate security incidents and perform forensic analysis to determine root causes. 
• Implement and manage security tools, including EDR, SIEM, vulnerability scanners, and firewalls. 
• Assess and improve business continuity / disaster recovery plans and participate in tabletop exercises. 
• Provide technical mentorship to peers and help cultivate a security-conscious culture. 
• Stay up to date with emerging security trends and recommend improvements. 
• Manage our cloud infrastructure and develop automated solutions to streamline operations and enhance security. 

Requirements 

• Minimum of 3+ years of hands-on information security operations experience. 
• Strong knowledge of operating systems security (Windows, Mac, Linux) and cloud security (AWS, Azure, Office 365). 
• Proficiency in scripting and automation using Python, PowerShell, low-code solutions, or C#. 
• Knowledge of APIs, utilizing them for your work and securing them. 
• Experience securing high-volume, high-availability web-facing environments. 
• Expertise in securing network and endpoint environments, including administration of firewalls, IDS/IPS, DLP, WAF, and SIEM technologies. 
• Familiarity with tools such as Burp Suite, Kali Linux, Canary Tokens, and Wireshark. 
• Understanding of encryption protocols, PKI, secure communications, and authentication mechanisms. 
• Strong understanding of application security and secure software development practices. 
• Excellent communication skills, with the ability to clearly present technical concepts to both technical and non-technical audiences. 
• Preferred certifications: CISSP, CCSP, Cysa+, penetration testing cert (OSCP, GIAC, PNPT, BSCP, CPTS), Azure, or AWS cert. 
• Experience working with financial or regulated data is a plus. 
• Bachelor’s degree or equivalent experience in a related field. 

Supervisory Responsibility 

This position does not hold formal supervisory authority; however, the candidate will serve as a technical mentor to junior staff. 

Work/Team Environment 

This role operates in a dynamic, collaborative environment utilizing standard office equipment and remote work tools. Teamwork across various departments is essential. 

Position Type/Expected Hours of Work 

This is a full-time position. Normal working hours are Monday through Friday, 8:00 a.m. to 5:00 p.m., though evening or weekend work may be required as job duties demand. 

Travel 

This position requires up to 5% travel. 

WE OFFER

• A fun, fast-paced work environment
• Responsible PTO Plan that meets or exceeds state and local medical and family leave laws
• 11 paid holidays
• Community and social events to keep you connected and engaged
• Mental Health Benefits
• Medical, Dental and Vision insurance
• Company-paid Group Life Insurance, Short- and Long-Term Disability
• Flexible Spending Account & Health Savings Account
• Aflac Benefits – Critical Illness, Cancer Protection, & Hospital Choice
• Pet Insurance
• 401 (k) with company match with eligibility on Day 1 of employment
• 2 Paid Volunteer Time Off Days
• And much more!
   

Compensation Information

Pursuant to state and local law disclosure requirements, the pay range for this role, with final offer amount dependent on education, skills, experience and location is $120,000 to $140,000 per year. This position may be eligible for an annual discretionary incentive award. The incentive award amount is dependent upon company performance and your personal performance and is not guaranteed.

AAP/EEO Statement

Ncontracts provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.