IT Security Engineer

This role is hybrid - 3 days on site in downtown Washington, DC

We're partnering with a professional services organization to add a Security Engineer to their internal technology team. This role is ideal for someone who enjoys working in a Mac-centric environment and is motivated to take ownership of security initiatives from day one. You'll play a key role in safeguarding sensitive business and client data while helping evolve the organization's overall security posture. This position will also support affiliated business units as needed.

• Perform ongoing security reviews, vulnerability scans, and risk evaluations across systems and infrastructure. Identify gaps and implement remediation strategies.
• Act as the main point of contact for external security audits and certification efforts (including ISO-related initiatives).
• Build, maintain, and regularly test incident response processes. Lead investigations and ensure timely resolution of security events.
• Maintain alignment with regulatory and privacy standards (such as GDPR, HIPAA, and CCPA), and continuously refine internal policies to reflect best practices.
• Partner with external security providers (e.g., SOC, endpoint protection vendors) to monitor activity, analyze alerts, and report on risk posture to leadership.
• Deliver internal security training and awareness programs to reduce user-related risk.
• Oversee endpoint protection tools and serve as a subject matter expert on security platforms and applications.
• Complete and review client-facing security documentation, including third-party risk questionnaires and compliance requirements.
• Collaborate across IT, legal, and vendor teams to ensure security is embedded into new systems, projects, and processes.
• Manage patching and updates for systems and security tools to address vulnerabilities proactively.
• Support the deployment and administration of core security technologies such as firewalls, intrusion detection/prevention systems, encryption tools, and access controls.
• Participate in system and application reviews to ensure security requirements are met before implementation.
• Lead third-party risk efforts, including evaluating vendor security practices and ongoing oversight.

• Bachelor's degree in Information Security, Computer Science, or a related discipline (or equivalent hands-on experience).
• 5+ years of experience in cybersecurity, with a strong focus on engineering and infrastructure security. Experience in regulated industries is a plus.
• Relevant certifications such as CISSP, CISM, or similar are preferred.

• Hands-on experience with security tools and frameworks, including SIEM platforms, VPNs, firewalls, IDS/IPS, and endpoint protection solutions.
• Solid understanding of network security, encryption standards, and secure development concepts.
• Familiarity with major compliance frameworks and audit processes (ISO, SOC, etc.).
• Experience working with cloud environments, particularly Azure, including identity and access management (Entra ID, MFA, app registrations).
• Strong analytical mindset with the ability to assess risk and implement practical solutions.
• Clear communicator who can translate technical concepts for non-technical stakeholders.
• Highly organized with the ability to manage multiple priorities in a fast-moving environment.

Dexian stands at the forefront of Talent + Technology solutions with a presence spanning more than 70 locations worldwide and a team exceeding 10,000 professionals. As one of the largest technology and professional staffing companies and one of the largest minority-owned staffing companies in the United States, Dexian combines over 30 years of industry expertise with cutting-edge technologies to deliver comprehensive global services and support.

Dexian connects the right talent and the right technology with the right organizations to deliver trajectory-changing results that help everyone achieve their ambitions and goals.To learn more, please visit https://dexian.com/.

Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.