[Remote] IT & Security Engineer

Note: The job is a remote job and is open to candidates in USA. GovWorx is helping public safety rise to today’s greatest challenge: the loss of experience. They are seeking an IT & Security Engineer to own the security engineering and IT infrastructure, providing technical leadership and hands-on delivery across various security and compliance initiatives.

Responsibilities

• Own architecture strategy and hands-on delivery for IT & Security engineering initiatives
• Translate security and IT objectives into actionable workflows, automation patterns, and documentation
• Mentor team members on technical troubleshooting, configuration, and best practices; foster a security-first culture
• Evaluate and recommend technologies to improve security posture, service reliability, and operational efficiency
• Own end-to-end identity lifecycle management using Okta as the primary IAM platform
• Maintain and refine RBAC/ABAC models, least-privilege controls, and provisioning workflows
• Implement and support SSO, MFA, SCIM, conditional access, and session security controls
• Conduct periodic access reviews and maintain audit documentation for GovWorx compliance frameworks
• Serve as SME for Jamf (macOS) and Intune (Windows): secure baselines, configuration profiles, provisioning, and compliance enforcement
• Maintain Zero Trust device posture: encryption, patching, MDM enforcement, automated remediation, and application access controls
• Manage and tune the EDR deployment for detection quality and incident readiness
• Deploy self-service endpoint capabilities to minimize employee friction and ensure timely application access
• Maintain centralized logging and monitoring pipelines across identity, endpoint, and SaaS systems
• Create and refine detection alerts for high-signal, low-noise event visibility
• Lead technical investigation during security events: evidence gathering, forensic analysis, containment, and remediation recommendations
• Collaborate with the Head of IT & Security on incident prioritization, communication, and business-impact decisions
• Maintain and optimize core SaaS, collaboration, and IT platforms for reliability and scalability
• Own hardware and software lifecycle management: procurement, deployment, inventory, and secure decommissioning
• Maintain and regularly test backup, continuity, and disaster recovery processes
• Maintain system diagrams, runbooks, SOPs, and internal knowledge articles
• Support GovWorx compliance frameworks through control enforcement, audit evidence collection, and documentation
• Maintain SaaS application and OAuth integration inventory; review and control privileged access and scope boundaries
• Manage lifecycle of service accounts, API keys, certificates, and secrets; enforce secure storage and automated rotation
• Assist in vendor security evaluations, risk assessments, and risk register contributions

Skills

• 5+ years of experience in IT, security engineering, or a combined technical role
• Hands-on expertise with Okta (SSO, SCIM, MFA, lifecycle management) and RBAC/ABAC access models
• Proficiency with Jamf Pro and Microsoft Intune for endpoint management and compliance enforcement
• Experience with EDR platforms, SIEM tooling, and centralized logging infrastructure
• Working knowledge of Zero Trust architecture principles and their practical application
• Experience supporting compliance frameworks (SOC 2, NIST, ISO 27001, or similar)
• Familiarity with incident response practices, forensic analysis, and chain-of-custody procedures
• Ability to write and maintain scripts or automation (Python, Bash, or equivalent) for operational tasks
• Strong written and verbal communication; able to translate technical concepts for non-technical stakeholders
• U.S. citizen or authorized to work in the United States
• Familiarity with cloud environments (AWS, GCP, or Azure) and SaaS security posture management
• Experience with PKI, secrets management, and certificate lifecycle practices
• Background in regulated or compliance-driven environments (public sector, healthcare, fintech, or similar)
• Prior experience in a technical lead or senior individual contributor capacity
• Bachelor's degree in Computer Science, Information Security, or a related field; equivalent experience accepted

Benefits

• Offers Bonus
• Health Benefits
• Flexible Time Off

Company Overview