We are looking for a Security and Compliance Engineer to strengthen our client security operations. In this role, you’ll design, implement, and manage technical security controls while guiding clients through compliance requirements. You’ll work across diverse environments (cloud, on-prem, hybrid) to reduce risk, support audits, and respond to incidents—all while helping clients meet the highest standards of information security.

Key Responsibilities:

Security Engineering & Operations

• Design and implement security architectures across cloud, on-prem, and hybrid client environments.
• Manage and optimize security tools (EDR, MDR, MFA, SIEM, firewalls, VPNs, etc.).
• Collaborate with NOC/SOC partners to monitor threats and respond to incidents.
• Develop standard configurations and automation for scalable deployments.

Compliance & Risk Management

• Guide clients through frameworks such as NIST, CMMC, and PCI.
• Conduct gap assessments and recommend remediation strategies.
• Support audits with evidence collection, reporting, and documentation.
• Perform vulnerability scans, risk assessments, and configuration reviews.

Policy, Documentation, & Training

• Create and maintain security policies, procedures, and client environment documentation.
• Deliver security awareness training internally and externally.
• Ensure audit readiness and SLA-driven compliance.

Incident Response & Continuous Improvement

• Develop and execute incident response playbooks for client breaches.
• Investigate incidents, contain threats, and coordinate remediation.
• Continuously improve tools, processes, and methodologies.
• Stay current on emerging threats and recommend new defenses.

Qualifications:

To perform this job successfully, an individual must be able to fulfill each essential duty satisfactorily. The requirements listed below represent the necessary knowledge, skills, and abilities required for this position.

• Strong knowledge of servers, network infrastructure, and security technologies (firewalls, VPN, MFA, SIEM, MDR, EDR).
• Experience securing cloud platforms (AWS, Azure, GCP), including IAM, security groups, and native controls.
• Familiarity with compliance frameworks (NIST, CMMC, PCI, ISO 27001, etc.).
• Excellent troubleshooting skills and ability to perform under pressure.
• Strong written and verbal communication skills with both technical and non-technical audiences.
• High integrity and commitment to confidentiality.

Education and Experience:

• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
• 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred).

Certifications (Preferred)

• CompTIA Security+
• CISM
• CISSP
• GIAC
• ISO 27001 Lead Implementer

Physical Demands:

• Ability to lift and transport equipment weighing up to 40 pounds.
• Mobility to work in a standard office setting and to sit and stand for a period of time.
• Vision to read printed materials and see a computer screen.
• Hearing and speech (English language) to communicate in person and over the telephone.

Compensation & Benefits

• Competitive starting salary with performance-based incentives.
• Comprehensive benefits package, including:
  • Company-shared cost medical and dental plans
  • 401(k) plan with company matching
  • Annual bonus program and performance awards
  • Accelerated vacation schedule
• Professional growth opportunities, including:
  • Access to ongoing training resources, virtual labs, and study materials
  • Company-funded certification exams

Additional Details

• TAB operates a 24/7 support service, and technicians are occasionally required to assist during evenings or weekends in the event of a client emergency on a rotational basis.
• This role is ideal for self-motivated, ambitious individuals who thrive in a fast-paced, dynamic work environment.

Compensation

• Starting salary range: $105,000 – 125,000 annually
• Non-exempt