Logo-of-Tkxel-hiring-for-jobs-in-US-on-GrabJobs

Information Security Engineer

Job Description - Information Security Engineer

About the Role:
We are seeking a motivated Information Security Specialist with a strong foundation in compliance frameworks and offensive security. The ideal candidate will have hands-on experience with ISO 27001, HIPAA, SOC 2, as well as practical skills in penetration testing and security risk assessments. This role requires both a compliance mindset and an attacker’s perspective to ensure a well-rounded approach to organizational security.

Key Responsibilities:
● Governance, Risk & Compliance
○ Maintain and improve the organization’s Information Security Management System (ISMS) in alignment with ISO 27001.
○ Support compliance efforts for HIPAA and SOC 2 frameworks.
○ Conduct risk assessments, document findings, and recommend remediation strategies.
○ Assist in preparing for internal and external audits.

● Offensive Security & Technical Security Testing
○ Perform internal and external penetration testing, including web, network, and cloud environments.
○ Conduct vulnerability assessments and report exploitable weaknesses.
○ Simulate real-world attack scenarios to test security controls and incident response readiness.

● Security Awareness & Incident Support
○ Work with cross-functional teams to improve security posture.
○ Contribute to security awareness training programs.
○ Assist in security incident investigations and root cause analysis.

Requirements

Required Qualifications

Education: Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).

Certifications:
○ Mandatory: ISO 27001 Lead Implementer (LI)
○ Offensive Security Certifications: CPPT, CWPTX or similar

Experience:
○ 2–3 years in information security roles covering both compliance and offensive security.
○ Hands-on involvement in ISO 27001 implementation/maintenance, HIPAA, and SOC 2 compliance projects.
○ Experience performing penetration tests and vulnerability assessments.

Desired Skills:
● Knowledge of security standards such as NIST, CIS Controls, and GDPR.
● Strong report writing and communication skills for both technical and non-technical audiences.
● Understanding of incident response processes.

Original job Information Security Engineer posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Information Security Engineer Jobs in the US

GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast! Find the best jobs in the US, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.