Vaco

Security Engineer

Overview:

We’re seeking a proactive and skilled Security Engineer to help protect our organization's infrastructure, systems, and data. This individual will play a key role in designing, implementing, and optimizing security tools and practices, while supporting ongoing threat detection, compliance, and incident response efforts.

This position works cross-functionally with engineering, architecture, and development teams to ensure our systems remain secure, compliant, and resilient. The ideal candidate is analytical, detail-oriented, collaborative, and passionate about advancing security across the enterprise.

This is a full-time role based onsite three days a week in Durham, NC.

Responsibilities:

• Design, implement, and maintain security systems and controls to safeguard infrastructure and data.
• Collaborate with cross-functional teams to identify risks, evaluate threats, and develop secure solutions.
• Optimize and manage tools such as SIEM, EDR, DLP, code scanning, and vulnerability management platforms.
• Conduct vulnerability assessments, risk analyses, and support penetration testing efforts.
• Monitor systems and logs for anomalies, investigate alerts, and support incident response activities.
• Ensure alignment with regulatory and compliance standards (e.g., GLBA).
• Document policies, processes, configurations, and incidents for audits and future reference.
• Provide security education and guidance across teams to promote secure practices.
• Lead initiatives related to secure development and DevSecOps integration.
• Stay current on emerging cybersecurity threats, tools, and best practices.

Qualifications:

• Bachelor’s degree in computer science, cybersecurity, or a related field.
• 3 years of experience in a cybersecurity role such as security engineering, network security, or application security.
• Proficient with tools like SIEM, vulnerability scanners, DLP, EDR, and code analysis platforms.
• Experience with threat modeling, penetration testing, and vulnerability management.
• Scripting or automation experience (e.g., Python, Bash, PowerShell).
• Understanding of network architecture, IT fundamentals, and cloud security.
• Familiarity with regulatory frameworks and security compliance standards.
• Excellent analytical, communication, and documentation skills.
• Ability to work both independently and collaboratively in a fast-paced environment.
• Relevant certifications such as CISSP, CEH, or OSCP are preferred.