Senior IT Security Engineer

What We Need

NetBrain is looking for an analytically-inclined and detail-oriented Senior IT Security Engineer to drive our ISO 27001 and SOC 2 certification efforts, ensuring IT security is fully aligned and audit-ready for our SaaS product launch. This person will collaborate cross-functionally and define, implement and enforce security requirements and standards.

What You'll Do

• You will drive ISO 27001 certification and SOC 2 Type II attestation initiatives end-to-end — from initial gap analysis and control design through evidence collection, audit coordination, and successful certification to support NetBrain’s new SaaS business.
• Build and mature NetBrain’s GRC (Governance, Risk & Compliance) program — conduct risk assessments, maintain the risk register, define control owners, and produce compliance reporting that gives leadership clear visibility into security posture.
• Translate compliance framework requirements into practical, scalable security policies, standards, and procedures and partner with cross-functional teams (engineering, product, legal, IT) to embed them into daily operations and product development workflows.
• Define and enforce IAM (Identity & Access Management) standards — including SSO, MFA, RBAC, and periodic access reviews — across both corporate IT and SaaS product environments to satisfy audit requirements and enforce least-privilege principles.
• Implement and manage SIEM platforms for centralized security monitoring, log aggregation, and alerting to meet audit evidence requirements and provide real-time threat visibility across cloud and on-premise infrastructure.
• Own the vulnerability management lifecycle — deploy and operate scanning tools, define remediation SLAs, track closure rates, and report on risk reduction metrics to demonstrate continuous improvement to auditors and stakeholders.
• Develop and maintain incident response plans, playbooks, and escalation procedures aligned with ISO 27001 and SOC 2 control requirements; lead tabletop exercises and coordinate response during security events.
• Evaluate and manage third-party vendor risk — conduct security assessments of SaaS vendors and partners, manage security questionnaires, and maintain a supplier risk register aligned with compliance framework requirements.
• Design and deliver security awareness training programs that drive adoption of security best practices across the organization and satisfy compliance training requirements for both ISO 27001 and SOC 2.
• Serve as the trusted security subject matter expert across business units — communicate risks and recommendations to both technical and non-technical stakeholders, and ensure IT security readiness directly supports the launch and growth of NetBrain’s SaaS product.

What You Bring

• 8+ years of experience in information security, cybersecurity engineering, or a GRC-focused security role
• Hands-on experience leading or supporting ISO 27001 and/or SOC 2 audit and certification processes
• Prior experience at a B2B SaaS company with responsibility spanning both product security and corporate IT security
• Strong working knowledge of compliance frameworks including ISO 27001, SOC 2, and NIST CSF
• Experience with GRC platforms and security tooling (SIEM, vulnerability scanners, IAM solutions, EDR)
• Professional certifications such as CISSP, CISM, CISA, or equivalent strongly preferred
• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
• Manual Dexterity: Repetitive motion of wrists, hands and fingers for using a computer.
• Stationary Tasks: Sitting for extended periods, remaining in a stationary position.

What We Offer

Our comprehensive compensation package is vital in how we recognize our people for the impact they make on us reaching our goals as a company.

For this role, the estimated base is $130,000 - $155,000 + Bonus. The actual salary may vary based on a range of factors, including market and individual qualifications objectively assessed during the interview process.

The range listed above is a guideline and may be modified. People Experience offers a comprehensive benefits package in addition to cash compensation that includes but is not limited to 401k and medical/dental coverage. Speak with your Recruiter for more details on our Total Rewards philosophy.