Senior Information Security Engineer

EnSafe is accepting applications for a full-time Senior Information Security Engineerin Memphis, TN.  This position will support EnSafe offices across the U.S. and Canada.

The successful candidate must be willing to work onsite at the Memphis, TN, EnSafe Headquarters campus. Relocation assistance is available to meet this expectation.

What we are looking for

We are seeking a highly skilled Senior Information Security Engineer to join EnSafe's Information Technology team. This hands-on technical role is responsible for the day-to-day operation of EnSafe' s security technologies and technical compliance controls.

The successful candidate will bring cybersecurity expertise, strong enterprise infrastructure knowledge, and network fluency to help protect EnSafe' s infrastructure, systems, and data. This role supports Department of Defense (DoD) contract requirements and helps maintain technical controls aligned with cybersecurity frameworks and regulatory standards.  This position reports to the Director of IT.

Joining our team means immersing yourself in an environment that nurtures creativity, encourages collaboration at all levels, fosters a supportive culture, and facilitates professional development.

 DUTIES/RESPONSIBILITIES

Key responsibilities of this position will include:

• Managing and supporting enterprise security operations technologies to detect, investigate, and respond to cybersecurity threats and vulnerabilities.
• Monitoring, triaging, and responding to security alerts, incidents, identity risks, and endpoint threats in coordination with internal stakeholders and managed security partners.
• Supporting vulnerability and patch management activities, including risk assessment, remediation tracking, reporting, and continuous improvement of the organization's security posture.
• Administering privileged access management solutions and supporting access control, identity protection, and separation-of-duties requirements.
• Participating in incident response activities, including investigation, containment, remediation, documentation, post-incident analysis, and access reviews.
• Supporting and securing enterprise infrastructure environments, including cloud, endpoint, identity, collaboration, and directory services platforms.
• Managing and reviewing network security controls, including firewall administration, VPN technologies, network segmentation, and access management.
• Supporting cybersecurity compliance initiatives through technical control implementation, evidence collection, remediation activities, audit preparation, and ongoing compliance monitoring.
• Leading infrastructure and security projects from requirements gathering through implementation, testing, and documentation.
• Collaborating effectively with Information Technology staff, business stakeholders, managed service providers, and compliance partners to support organizational security objectives.

SKILLS/EXPERIENCE

Minimum Skills and Requirements:

• Eight (8) or more years of progressively responsible information technology experience, including at least four (4) years focused on cybersecurity or security operations.
• Hands-on SIEM operations experience; Sumo Logic experience strongly preferred.
• Hands-on EDR operations experience; CrowdStrike Falcon experience preferred.
• Working knowledge of NIST SP 800-171, CMMC Level 2, cybersecurity compliance frameworks, and security control implementation.
• Strong experience with Microsoft enterprise technologies, including Active Directory, Entra ID, Azure, Microsoft 365, and Intune.
• Experience with firewall administration, VPN technologies, network segmentation, and network troubleshooting.
• Privileged Access Management (PAM) administration experience.
• Scripting experience using PowerShell, Python, or similar automation tools.
• Professional cybersecurity certification such as Security+, CISSP, CISM, or equivalent.
• Strong written communication skills with the ability to create clear technical documentation, evidence packages, change records, and incident documentation.

Preferred (not required):

• Experience supporting Defense Industrial Base (DIB) organizations or federal contractors.
• Experience supporting CMMC or NIST SP 800-171 compliance initiatives.
• CCSP, CISA, CCP, FedRAMP, or other advanced security certifications.
• Fortinet firewall administration experience.
• Experience supporting mergers and acquisitions integrations.
• Experience with insider risk management, AI governance, or related security initiatives.
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Why Join EnSafe?

• Employee-Owned Advantage
  EnSafe is 100% employee-owned, with an ESOP (Employee Stock Ownership Plan) since 1997. That means when EnSafe succeeds, you succeed too, turning company growth directly into shared rewards.
• Commitment to Growth and Wellness
  The company supports personalized career development, mentorship, and employee wellness initiatives such as health tracking tools.
• Purpose‑Driven Work
  EnSafe's mission focuses on impactful environmental, health, and safety consulting—making a real difference in communities and is backed by its long-standing technical credibility. 
• Safety as a Value, Not Just a Service
  Safety is deeply embedded in our culture, prioritizing employee well-being in addition to helping clients maintain compliance. We stress that "safety is part of everything we do."
• A Culture of Freedom & Ownership
  At EnSafe, our career philosophy is built on freedom. The freedom to take initiative, achieve your goals, and shape your own career path Employees are encouraged to pursue growth in a flexible, entrepreneurial environment. 
• Challenging, Creative Work
  Workdays at EnSafe are anything but ordinary, fast-paced, dynamic, and filled with opportunities to tackle projects in environmental consulting, health & safety, engineering, and technology. Every day calls for creativity, innovation, and agile problem-solving.

_#LI-MJ1

_#LI-Onsite