Public Consulting Group LLC (PCG) is a leading public sector solutions implementation and operations improvement firm that partners with health, education, and human services agencies to improve lives. Founded in 1986, PCG employs approximately 2,000 professionals throughout the U.S.—all committed to delivering solutions that change lives for the better. The firm is a member of a family of companies with experience in all 50 states, and clients in six Canadian provinces and Europe. PCG offers clients a multidisciplinary approach to meet challenges, pursue opportunities, and serve constituents across the public sector. To learn more, visit www.publicconsultinggroup.com.
The ideal Information Security Engineer candidate will play a pivotal role in safeguarding PCG’s information, brand, digital assets and its people. The Information Security Engineer will be responsible for identifying gaps, vulnerabilities, and potential threats, conducting risk assessments, developing, identifying and deploying security solutions to mitigate risks. This position requires an expert in the field of security and must have a deep understanding of the latest security threats, vulnerabilities, and mitigation strategies.
If you have a passion for information security, a strong technical background, and exceptional analytical skills, we encourage you to apply.
Key Responsibilities
Security Architecture Review and Design:
- Evaluate existing cloud-based security architectures, systems and frameworks to identify weaknesses and areas for improvement.
- Recommend enhancements to security architectures to enhance resilience and mitigate emerging threats.
- Develop cloud relevant security controls, leveraging tools such as cloud security posture management (CSPM), cloud access security brokers (CASB), Data Loss Prevention (DLP) and access management (IAM) solutions.
- Design and recommend comprehensive security solutions to protect PCG’s infrastructure, systems, and data.
- Provide timely feedback on all security-related aspects of project designs and architectures, highlighting areas of risk and/or non-compliance with requirements.
- Stay abreast of industry trends and emerging technologies to proactively adapt security architectures to evolving threats with focus on telecommuter workforce and cloud based infrastructure.
- Collaborate with the InfoSec project and other teams to document formal security requirements for a project.
Risk Gap Assessment
- Conduct comprehensive risk and coverage gap assessments of cloud-based infrastructure, applications, and data to identify vulnerabilities and security gaps.
- Analyze cloud-specific security risks, including misconfigurations, data breaches, and unauthorized access, and prioritize remediation efforts accordingly.
- Develop risk mitigation strategies and action plans to address identified vulnerabilities and ensure compliance with cloud security standards and regulations.
- Develop and implement security policies, assist with security audits, risk assessments, and penetration testing to identify potential security gaps, and recommend measures to address the identified risks.
- Analyze security risks and prioritize remediation efforts based on potential impact and likelihood of occurrence.
Stakeholder Communication
- Communicate security risks, issues, and recommendations to various stakeholders and senior management.
- Provide regular updates to the management and on the status of assessments, reviews and designs.
- Conduct security training and awareness sessions as required for other team members.
Continuous Improvement
- Stay updated on the latest security trends, threats, and technologies.
- Recommend improvements to security processes and practices to enhance the organization’s security posture.
- Participate in professional development opportunities to maintain and enhance security expertise.
The above is intended to describe the general contents and requirements of work being performed by people assigned to this classification. It is not intended to be construed as an exhaustive statement of all duties, responsibilities or skills of personnel so classified.
Qualifications
- Education: Bachelor’s degree in computer science or engineering, Information Technology, or related field.
- Experience: Minimum of 3 years of experience in cloud security engineering, risk assessment, and architecture design.
- Proficiency in cloud security technologies and tools, including Firewalls, WAFs, SIEM, DLP, CSPM, CASB, IAM, and cloud related security controls. Hands on experience in such technologies will be preferred.
- Strong understanding of security principles, standards, and frameworks (e.g., NIST, ISO 27001, CSA, CIS Controls).
- Relevant certifications such as Certified Cloud Security Professional (CCSP), AWS Certified Security - Specialty, or Azure Security Engineer Associate preferred.
Skills
- Strong knowledge of security principles, practices, and technologies.
- Experience with security risk assessment and management methodologies.
- Proficiency in designing and implementing secure architectures and solutions.
- Understanding and experience in deployment IT infrastructure e.g. Active Directory, DNS, Email services, Web services, hosted applications.
- Familiarity with industry standards and regulations.
- Excellent problem-solving and analytical skills.
- Ability to support multiple projects simultaneously and meet deadlines.
- Strong communication (verbal and written) and interpersonal abilities. Ability to work collaboratively in a team environment.
Working Conditions
This position is remote with travel/onsite requirements. PCG is a remote-friendly organization and is committed to creating a culture where remote work remains a vital part of the company’s success. To be successful in a remote work role at PCG, you must:
be available during your set working hours
have a safe, private, and distraction-free environment in which to complete your work, and
be able to give your full attention to the completion of your PCG job duties
Some travel to the office or elsewhere may be required for team meetings, client meetings, etc.
We are accepting applications on an ongoing basis until filled. As required by applicable law, PCG provides the following reasonable range of compensation for this role: $120,000-135,000.
#D-PCG
Compensation
Compensation for roles at Public Consulting Group varies depending on a wide array of factors including, but not limited to, the specific office location, role, skill set, and level of experience. As required by applicable law, PCG provides the following reasonable range of compensation for this role below. In addition, PCG provides a range of benefits for this role, including medical and dental care benefits, 401k, PTO, parental leave, bereavement leave.
EEO Statement
Public Consulting Group is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PCG, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PCG will not tolerate discrimination or harassment based on any of these characteristics. PCG believes in health, equality, and prosperity for everyone so we can succeed in changing the ways the public sector, including health, education, technology and human services industries, work.