Information Security Engineer
Apply for this position → Go ad-free with PremiumAbout Keyfactor
Our mission is to securely connect the world: humans, machines, and AI. Keyfactor is the leader in trust infrastructure for AI and machines, helping the world's largest enterprises and government agencies take control of the cryptographic identities that safeguard every digital interaction. Behind the platform is a global team of people who care deeply about the work and each other. We move fast, think big, and show up for one another every day. If you're looking for work that matters and a team that brings out your best, we hope you'll trust your future with Keyfactor!
Title: Information Security Engineer
Location: United States; Remote
Experience: Mid-Level
Job Function: IT Compliance
Employment Type: Full-Time
Industry: Computer Network & Security
Job Summary
The Information Security Engineer is responsible for executing and advancing the organization’s security operations, risk management practices, and compliance programs. This role focuses on strengthening security controls, leading incident response activities, managing vulnerability remediation efforts, and ensuring sustained compliance with frameworks such as ISO 27001:2022 and SOC 2 Type II. The role operates with increased independence, drives improvements to security tooling and processes, and partners cross-functionally to embed secure practices into infrastructure and engineering workflows. Work at this level includes ownership of defined security domains and contributing to the ongoing maturity of the organization’s overall security posture.
Applicants must be legally authorized to work in the United States.
Job Responsibilities
- Experience conducting vulnerability assessments, system audits, and risk analysis using industry-standard scanning tools (e.g., Nessus, Azure security tools, Tenable, Burpsuite, etc…) to support a proactive security posture.
- Manage and implement continuous monitoring processes to ensure the organization maintains compliance with a variety of information security frameworks, including ISO 27001:2022 and SOC 2 Type II. Experience with government compliance standards such as FedRAMP (NIST SP 800-53) and CMMC is preferred. This role focuses on ensuring robust security practices and adapting to evolving compliance requirements.
- Collaborate closely with IT, DevOps, Engineering, and Compliance teams to enforce security policies, procedures, and best practices.
- Actively monitor, analyze, and respond to security alerts and incidents, performing investigations, incident handling, and recommending corrective actions.
- Provide expert guidance on security matters to support secure development and operations.
Minimum Qualifications, Education, and Skills
- 5+ years of experience in information security or a similar role
- Proficiency in vulnerability scanning tools (Nessus, Burpsuite, Tenable, etc…) and interpreting scan results for remediation.
- Strong knowledge of security standards
- Demonstrated experience in continuous monitoring, network security, firewalls, VPNs, IDS/IPS, and endpoint protection.
- Strong analytical skills and a meticulous approach to problem-solving
- Demonstrated capability to deliver results on-time and to a defined schedule.
- Relevant certifications (e.g., CISSP, CompTIA Security+, CAP) are strongly preferred
- Familiarity with cloud security principles
- Experience with security automation and continuous monitoring tools
- PKI knowledge a plus
- Knowledge of scripting languages (Python, PowerShell) to automate security processes
- Experience in STIG configuration & implementation, and best practices for implementing these in various environments preferred
- Expertise in Government related InfoSec compliance frameworks such as NIST 800-53, NIST 800-171 preferred
- Experience with government-regulated environments (AWS GovCloud, Azure Government) preferred
Level of Authority
- Limited level of authority. Authority involves tasks such as executing assigned duties, following established procedures, and making recommendations within their area of expertise, while seeking guidance or approval from more experienced team members or supervisors for significant actions or changes.
Travel Requirements
- Up to 10% travel required.
Compensation
Salary will be commensurate with experience.
Culture, Career Opportunities and Benefits
We build teams that continually strive to get better than the day before. You will be challenged daily and given opportunities to grow personally and professionally. We balance autonomy and structure to create an entrepreneurial environment to spur creativity and new ideas.
Here are just some of the initiatives that make our culture special:
- Second Fridays (a company-wide day off on the second Friday of every month minus November and December due to the Holiday schedule). Please note that this benefit is subject to change.
- Comprehensive benefit coverage globally.
- Generous paid parental leave globally.
- Competitive time off globally.
- Dedicated employee-focused ambassadors via Key Contributors & Culture Committees.
- DIVERSE Commitment, a call to action for a more inclusive and diverse future in business, society, and technology.
- The Keyfactor Alliance Program to support DEIB efforts.
- Wellbeing resources, wellness allowance, mindfulness app free membership, Wellness Wednesdays.
- Global Volunteer Day, company non-profit matching, and 3 volunteer days off.
- Monthly Talent development and Cross Functional meetings to support professional development.
- Regular All Hands meetings – followed by group gatherings.
Our Core Values
Our core values are extremely important to how we run our business and what we look for in every team member:
Trust is paramount.
We deliver security software and solutions where trust and openness are of the highest importance for our customers. We are honest and a trusted partner in every aspect of business.
Customers are core.
We strategize, operate, and execute through a customer-centric view. We prioritize the security interests of our customers, and we act as if their data were our own.
Innovation never stops, it only accelerates.
The speed of change is accelerating. We are committed, through investment and focus, to stay ahead of the innovation curve.
We deliver with agility.
We thrive in high-paced and continually changing environments. We navigate through newly added variables, adjust accordingly, while driving towards our strategic goals.
United by respect.
Respect for all is what unites us. We promote diversity, inclusivity, equity, and acting with empathy and openness, both in our business and in our communities.
Teams make “it” happen.
Vision and goals are not individually achievable – they require teamwork. We pride ourselves in operating as a cohesive team, creating promoters and partners, and winning as one.
Keyfactor is a proud equal opportunity employer including but not limited to veterans and individuals with disabilities.
REASONABLE ACCOMMODATION: Applicants with disabilities may contact a member of Keyfactor’s People team via people@keyfactor.com and/or telephone at 1.216.785.2990 to request and arrange for accommodations at any time.
Similar Jobs
Information Security Analyst
Clear Capital | CubiCasa · USA
Senior Infrastructure Engineer, Cloud Security
Rocket Money · USA
Senior Information Security Engineer
Qualia · USA
Staff Cloud Security Engineer
Ro · USA
Senior Cyber Security Analyst - Application & Infrastructure
iRhythm · USA
Information Security Engineer
About Keyfactor
Our mission is to securely connect the world: humans, machines, and AI. Keyfactor is the leader in trust infrastructure for AI and machines, helping the world's largest enterprises and government agencies take control of the cryptographic identities that safeguard every digital interaction. Behind the platform is a global team of people who care deeply about the work and each other. We move fast, think big, and show up for one another every day. If you're looking for work that matters and a team that brings out your best, we hope you'll trust your future with Keyfactor!
Title: Information Security Engineer
Location: United States; Remote
Experience: Mid-Level
Job Function: IT Compliance
Employment Type: Full-Time
Industry: Computer Network & Security
Job Summary
The Information Security Engineer is responsible for executing and advancing the organization’s security operations, risk management practices, and compliance programs. This role focuses on strengthening security controls, leading incident response activities, managing vulnerability remediation efforts, and ensuring sustained compliance with frameworks such as ISO 27001:2022 and SOC 2 Type II. The role operates with increased independence, drives improvements to security tooling and processes, and partners cross-functionally to embed secure practices into infrastructure and engineering workflows. Work at this level includes ownership of defined security domains and contributing to the ongoing maturity of the organization’s overall security posture.
Applicants must be legally authorized to work in the United States.
Job Responsibilities
- Experience conducting vulnerability assessments, system audits, and risk analysis using industry-standard scanning tools (e.g., Nessus, Azure security tools, Tenable, Burpsuite, etc…) to support a proactive security posture.
- Manage and implement continuous monitoring processes to ensure the organization maintains compliance with a variety of information security frameworks, including ISO 27001:2022 and SOC 2 Type II. Experience with government compliance standards such as FedRAMP (NIST SP 800-53) and CMMC is preferred. This role focuses on ensuring robust security practices and adapting to evolving compliance requirements.
- Collaborate closely with IT, DevOps, Engineering, and Compliance teams to enforce security policies, procedures, and best practices.
- Actively monitor, analyze, and respond to security alerts and incidents, performing investigations, incident handling, and recommending corrective actions.
- Provide expert guidance on security matters to support secure development and operations.
Minimum Qualifications, Education, and Skills
- 5+ years of experience in information security or a similar role
- Proficiency in vulnerability scanning tools (Nessus, Burpsuite, Tenable, etc…) and interpreting scan results for remediation.
- Strong knowledge of security standards
- Demonstrated experience in continuous monitoring, network security, firewalls, VPNs, IDS/IPS, and endpoint protection.
- Strong analytical skills and a meticulous approach to problem-solving
- Demonstrated capability to deliver results on-time and to a defined schedule.
- Relevant certifications (e.g., CISSP, CompTIA Security+, CAP) are strongly preferred
- Familiarity with cloud security principles
- Experience with security automation and continuous monitoring tools
- PKI knowledge a plus
- Knowledge of scripting languages (Python, PowerShell) to automate security processes
- Experience in STIG configuration & implementation, and best practices for implementing these in various environments preferred
- Expertise in Government related InfoSec compliance frameworks such as NIST 800-53, NIST 800-171 preferred
- Experience with government-regulated environments (AWS GovCloud, Azure Government) preferred
Level of Authority
- Limited level of authority. Authority involves tasks such as executing assigned duties, following established procedures, and making recommendations within their area of expertise, while seeking guidance or approval from more experienced team members or supervisors for significant actions or changes.
Travel Requirements
- Up to 10% travel required.
Compensation
Salary will be commensurate with experience.
Culture, Career Opportunities and Benefits
We build teams that continually strive to get better than the day before. You will be challenged daily and given opportunities to grow personally and professionally. We balance autonomy and structure to create an entrepreneurial environment to spur creativity and new ideas.
Here are just some of the initiatives that make our culture special:
- Second Fridays (a company-wide day off on the second Friday of every month minus November and December due to the Holiday schedule). Please note that this benefit is subject to change.
- Comprehensive benefit coverage globally.
- Generous paid parental leave globally.
- Competitive time off globally.
- Dedicated employee-focused ambassadors via Key Contributors & Culture Committees.
- DIVERSE Commitment, a call to action for a more inclusive and diverse future in business, society, and technology.
- The Keyfactor Alliance Program to support DEIB efforts.
- Wellbeing resources, wellness allowance, mindfulness app free membership, Wellness Wednesdays.
- Global Volunteer Day, company non-profit matching, and 3 volunteer days off.
- Monthly Talent development and Cross Functional meetings to support professional development.
- Regular All Hands meetings – followed by group gatherings.
Our Core Values
Our core values are extremely important to how we run our business and what we look for in every team member:
Trust is paramount.
We deliver security software and solutions where trust and openness are of the highest importance for our customers. We are honest and a trusted partner in every aspect of business.
Customers are core.
We strategize, operate, and execute through a customer-centric view. We prioritize the security interests of our customers, and we act as if their data were our own.
Innovation never stops, it only accelerates.
The speed of change is accelerating. We are committed, through investment and focus, to stay ahead of the innovation curve.
We deliver with agility.
We thrive in high-paced and continually changing environments. We navigate through newly added variables, adjust accordingly, while driving towards our strategic goals.
United by respect.
Respect for all is what unites us. We promote diversity, inclusivity, equity, and acting with empathy and openness, both in our business and in our communities.
Teams make “it” happen.
Vision and goals are not individually achievable – they require teamwork. We pride ourselves in operating as a cohesive team, creating promoters and partners, and winning as one.
Keyfactor is a proud equal opportunity employer including but not limited to veterans and individuals with disabilities.
REASONABLE ACCOMMODATION: Applicants with disabilities may contact a member of Keyfactor’s People team via people@keyfactor.com and/or telephone at 1.216.785.2990 to request and arrange for accommodations at any time.
Similar Jobs
Information Security Analyst
Clear Capital | CubiCasa · USA
Senior Infrastructure Engineer, Cloud Security
Rocket Money · USA
Senior Information Security Engineer
Qualia · USA
Staff Cloud Security Engineer
Ro · USA
Senior Cyber Security Analyst - Application & Infrastructure
iRhythm · USA