Employ is transforming how hiring gets done. With our three ATS solutions – Jobvite, Lever, and JazzHR – plus cutting-edge AI Companions, we free recruiters from admin work and give them more time for what matters: connecting with people. More than 23,000 global customers rely on Employ to make millions of candidate connections each year, helping them hire smarter, faster, and at scale. From growing startups to the world’s most recognized brands, we’re redefining what’s possible in talent acquisition.
We’re a fast-moving, remote-first team of builders and innovators who live our people-first philosophy every day. We back it up with flexible work scheduling and paid time off, comprehensive benefits, and career development opportunities that help you thrive. At Employ, you won’t just grow your career – you’ll help millions of others grow theirs.
Come join our team where we have each other’s backs, champion our customers, hold ourselves accountable, and shape what’s next in talent acquisition.
About the Role
We are looking for an experienced and motivated Information Security Engineer to play a critical role in advancing the security strategy of a market-leading HR Tech SaaS company. You will help strengthen our security posture, respond to emerging threats, and proactively mitigate risks.
As the lead engineering resource within the InfoSec team, you will work closely with global stakeholders to deliver both proactive security initiatives and reactive incident response. This role is hands-on and requires a blend of technical expertise, problem-solving skills, and strong collaboration.
Key Responsibilities
Monitor security event platforms, perform first-level incident triage and resolution, and participate in incident retrospectives.
Own the vulnerability management program, including classification, tracking, remediation, documentation, and reporting.
Evaluate, recommend, and implement new security tools from requirements gathering through production deployment.
Provide proactive feedback to improve monitoring capabilities, tools, and processes.
Create daily, weekly, and monthly reports for the Security Management Team.
Maintain and update incident response runbooks, procedures, and playbooks.
Contribute to playbook development using lessons learned and best practices.
Stay current with emerging threats and security trends using public cyber resources (blogs, sites, podcasts).
Participate in the on-call rotation to support 24/7 coverage.
Required Qualifications
Bachelor’s degree in Information Technology, Computer Science, or equivalent experience.
4+ years of IT experience, with 2+ years in Information Security Engineering (incident response, threat detection, security architecture/design, and DevSecOps).
Proven knowledge of end-to-end incident response in cloud environments (detection, containment, eradication, recovery).
Experience designing and improving security controls using standard frameworks.
Expertise in Identity & Access Management (IAM, SSO/MFA, SCIM), preferably with Okta.
Strong understanding of DNS and networking protocols.
Hands-on experience working in SOC- or ISO-compliant environments with knowledge of security standards and compliance practices.
One or more recognized certifications (CISSP, AWS Security Specialty, Azure Security Engineer, etc.) strongly preferred.
Practical experience in cloud security administration.
Nice to Have
SIEM engineering and administration experience.
Endpoint Detection & Response (EDR) engineering and administration experience.
Knowledge of DAST, SAST, SCA, and secure software development lifecycle.
Ability to read and understand code (JavaScript, PHP, Java).
Prior Security Operations Centre (SOC) team experience.
Experience with Data Loss Prevention (DLP) tools.
Advanced scripting skills for automation (PowerShell or Python preferred).
Employ is an Equal Opportunity employer.
Employ is an EVerify employer.
