Information Security Engineer

Responsibilities

• Security Operations and Incident Response
• Monitor security tooling and alerts across endpoint, cloud, and network environments; triage and escalate as appropriate
• Perform log analysis and investigation to identify and scope the impact of security incidents
• Support incident response and business continuity plan execution, including tabletop exercises and post-incident reviews
• Support managed detection and response (MDR) partner relationships and act on partner recommendations
• Participate in root cause analyses for security findings; identify contributing factors and implement permanent fixes
• AI Security
• Support the growth and innovation driven by gen AI technologies across the business
• Participate in testing and reviewing new AI vendors and tools
• Research AI security approaches like MCP servers, agent policy/proxy server, etc. and recommend AI security tooling and security design
• Provide support and training for security hygiene in using AI tools, agents, frameworks like spec kit, OWASP Gen AI Security, etc.
• Threat and Vulnerability Management
• Monitor threat info feeds to monitor and understand the current threat landscape and inform the team to ac t on
• Operate and monitor vulnerability scanning tools; track and remediate or document exceptions
• Prioritize remediation efforts based on risk scoring and asset criticality
• Coordinate with engineering and IT teams to ensure timely patching and hardening of cloud and endpoint systems
• Support penetration testing engagements: coordinate logistics , track findings, and drive remediation to closure
• Security Tooling & Automation
• Administer and tune security tools including SIEM, vulnerability scanners, EDR, and cloud security posture management (CSPM) platforms
• Build and maintain automation and scripts (Python, Bash, or similar) to streamline security operations and reduce manual toil
• Evaluate and recommend new security tools in partnership with the Head of Information Security

Requirements

• Two-year or four-year degree in computer science , i nformation security, t echnology, or related field; or 3 + years of equivalent experience
• 2+ years of experience in a security operations , site reliability engineering , or other relevant role
• Experience with vulnerability management tools and remediation workflows
• Working knowledge of GCP and/or Azure security services and configurations
• Familiarity with IAM, secrets management, and network security concepts in cloud environments
• Proficiency in shell scripting and Python, TypeScript, Go, or similar programming languages
• Experience with modern DevSecOps practices and technologies ( Github , Jira , Confluence )
• Experience operating across cloud-native security and enterprise productivity environments (GCP, Azure, M365)
• Strong analytical and problem-solving skills; high attention to detail
• Ability to communicate and champion security concepts and practices clearly to developers, data engineers, data scientists, and technical and non-technical engineering leadership
• Security certifications (CCSP, CEH, GSEC, GCIH, etc. )
• Experience with IaC tools such as Terraform, Ansible , or Puppet
• Hands-on experience with CSPM (Wiz, Lacework, etc.) and SIEM platforms
• Experience with containerization technologies (Kubernetes, Docker)
• Familiarity with DevSecOps practices and software development lifecycle
• Experience securing personal information or other regulated data
• Exposure to security administration of BigQuery , Databricks , or similar data platform s
• Pay Transparency
• For our Sr. Analyst positions, our compensation ranges from $75,000 to $93,000, which is incl

Benefits

Additional Information

About Ovative Group: Ovative Group is an independent, full-funnel media, measurement, and creative firm. Leveraging our deep industry expertise, we help brands like Best Buy, Domino's, American Eagle, The Home Depot, Post, Disney, Tumi, Michael Kors, Boost Mobile, and UnitedHealth Group transform their media and measurement programs. The result? Profitable growth that speaks for itself. At Ovative, we don't just track data, we redefine success. How do we do it? Our proprietary MarTech platform, EMRge helps businesses transform marketing into a driver of sustainable growth. Powered by Enterprise Marketing Return (EMR), our differentiated approach to holistic media buying, planning, and measurement, EMRge is the first MarTech platform to measure businesses holistically. We're all about raising the bar every day, and it shows. Our work has been recognized by organizations like Digiday, Google, Inc. 5000, USA Today, and Search Engine Land.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at ovative? Share your experience