Security Engineer

NATIONMIND LLC

Allen, TX
Full Time
Paid
  • Responsibilities

    About NationMind LLC:

    NationMind LLC is a technology consulting firm focused on technical engineering, software development, technicians, QA testing, and services. We help clients build reliable, scalable applications with a strong emphasis on automation, performance, and quality. Our team works across industries, delivering solutions that drive innovation and operational efficiency. We are currently hiring skilled professionals for the Security Engineer role to join our growing team.

    Title: Security Engineer

    Location: Remote

    Role Overview

    · The Information Security Engineer will support the Client’s Third-Party Risk Management (TPRM) and Governance, Risk, and Compliance (GRC) initiatives.

    · This role requires a technically strong security professional who can independently assess vendor risk, evaluate control effectiveness, and align security practices with enterprise policies and cybersecurity best practices.

    Key Responsibilities & Qualifications

    · Lead and execute end-to-end third-party/vendor risk assessments across technology, supply chain, SaaS, and hybrid environments, identifying control gaps and recommending risk mitigation strategies.

    · Perform deep technical reviews of solution and application architectures, security controls, and cloud solutions from a security engineering perspective, translating findings into actionable remediation guidance.

    · Conduct hands-on SOC 2 analysis, evaluate control design and operating effectiveness, and clearly articulate control gaps and risk impacts to stakeholders.

    · Ensure alignment of third-party assessments and internal practices with enterprise security policies, data protection standards, and frameworks such as SOC 2 and ISO 27001.

    · Leverage and administer GRC and risk intelligence platforms such as RSA Archer, Onspring, BitSight, UpGuard, SecurityScorecard, ServiceNow, or similar tools to manage risk lifecycle activities.

    · Coordinate with business partners such as Legal, Procurement, IT, Privacy, Audit, and Security Operations to drive timely assessment completion and remediation tracking.

    · Develop and report meaningful risk metrics and program insights to leadership, demonstrating effectiveness and continuous improvement of the TPRM program.

    · Contribute to the development, enhancement, and rationalization of information security policies, standards, and exception processes based on risk findings and industry best practices.

    · Communicate complex technical and risk concepts clearly to both technical and non-technical stakeholders; build trusted relationships across business units.

    · Operate independently in a fast-paced environment, managing multiple concurrent assessments while maintaining high-quality documentation and professional integrity.

    · Must be a strong, clear, and concise communicator who is self-starting and can remain organized when faced with multiple assignments that require granular-level tracking.

    This is a remote position.