This is a remote position.
Position Title: IT Security Engineer
Base Salary:
$97,900 to $153,800 annually DOE
Benefits:
Medical, dental, vision, 401k, flexible spending account, paid sick leave and paid time off, parental leave, quarterly performance bonus, training, career growth and education reimbursement programs.
Ziply Fiber is a local internet service provider dedicated to elevating the connected lives of the communities we serve. We offer the fastest home internet in the nation, a refreshingly great customer experience, and affordable plans that put customers in charge.
As our state-of-the-art fiber network expands, so does our need for team members who can help us grow and realize our goals.
Our Company Values:
Job Summary
The IT Security Engineer applies Information Technology (IT) security principles, methods, and security products, including AI-powered security tools and automation, to protect and maintain the availability, integrity, confidentiality, and accountability of company IT resources, as well as the physical security and access of property and personnel. This role leverages AI and machine learning technologies to enhance threat detection, accelerate incident response, and strengthen the organization’s overall security posture. The position is responsible for executing assigned tasks to support and implement the goals of the company’s Information Security initiatives on time and within the approved budget.
Essential Duties and Responsibilities:
The Essential Duties and Responsibilities listed below are a range of duties performed by the employee and not intended to reflect all duties performed.
IT Security Configuration & Infrastructure
·
Maintains configurations for IT security technologies to optimize protective equipment functions and capabilities.
·
Collaborates with others in the Company (i.e., Information Technology engineers, Network Engineers, etc.) to perform design review and analysis of network infrastructure modifications.
·
Periodically reviews firewall and router rules and access control lists.
·
Responsible for PKI Infrastructure management and support - User and Server Authentication.
Policy, Compliance & Documentation
·
Develops, documents, and maintains methodology for sensitive and critical application and general support for IT security systems.
·
Draft policy based on NIST, FISMA, PCI, PII and CJIS compliance.
·
Ensures processes and procedures are developed, documented, maintained, and adhered to for incident identification, investigation and response, analysis and recommendations for risk management, collection of forensic data and regulatory requirements.
Threat Detection, Risk & Vulnerability Management
·
Develops policies, procedures and maintains scripts, routines, and software for accomplishing security studies and assessments to provide professional level analysis in recognizing system threats and vulnerabilities; leverages AI/ML-based detection tools to identify malware, anomalous behavior, and malicious activities at scale.
·
Monitors and reviews intrusion detection systems and firewall logs, utilizing AI-driven behavioral analytics and SIEM platforms to identify adverse patterns and coordinate mitigation responses.
·
Performs security assessments, risk identification and mitigation planning and execution.
·
Leads vulnerability management efforts and actively participates in patch management and risk management processes.
·
Participates in emergency operations, including the Computer Security Incident Response Team.
·
Deploys and manages AI-powered security tools including AI-driven SIEM, endpoint detection and response (EDR), and user and entity behavior analytics (UEBA) platforms to improve detection accuracy and reduce mean time to respond (MTTR).
·
Evaluates emerging AI-driven attack vectors (e.g., adversarial AI, AI-generated phishing, deepfake social engineering) and develops countermeasures to protect company assets.
Research, Training & Awareness
·
Research technical and IT security topics, including developments in AI/ML security tooling, generative AI risks, and emerging threat landscapes; maintains information on industry trends.
·
Assists with the development and implementation of the Cyber training and awareness program, incorporating AI-specific threat scenarios such as AI-generated phishing simulations and guidance on safe use of AI tools within the organization.
AI-Augmented Security Operations
·
Integrates and manages AI-powered security automation workflows, including automated alert triage, threat hunting playbooks, and AI-assisted incident response runbooks to reduce analyst workload and response times.
·
Develops and enforces an AI Acceptable Use Policy, establishing security guardrails for employee use of generative AI tools (e.g., ChatGPT, GitHub Copilot) and ensuring data loss prevention controls are applied to AI interactions.
·
Collaborate with IT and business teams to perform AI risk assessments on proposed AI/ML solutions, evaluating model security, data privacy, and supply chain risks prior to deployment.
Other Duties
·
Performs other duties as required to support the business and evolving organization
.
Required Qualifications:
·
High school diploma or GED.
·
BS in Information Technology or equivalent technical discipline.
·
Three (3) to five (5) years of direct Cyber Engineer or information assurance experience.
·
Strong experience working with market standard Vulnerability Assessment tools and AI-powered security platforms (e.g., Darktrace, CrowdStrike Falcon, Microsoft Sentinel, or similar).
·
Experience with network monitoring, network security, network equipment programming, firewall configurations and DLP solutions, log monitoring and event correlation.
·
Experience with policy and process documentation.
·
Understanding of DNS, DHCP and LDAP.
·
System hardening experience utilizing STIGs, CIS or USGCB.
·
Security Incident Response experience.
·
Strong oral and written communication abilities with experience writing policies.
·
Possess strong analytical and troubleshooting skills.
·
Able to serve as a technical resource to IT staff.
·
Practical experience using AI/ML-powered security tools or SOAR platforms for threat detection, automated response, or security analytics.
·
Familiarity with AI governance frameworks and the security risks associated with enterprise deployment of generative AI and large language model (LLM) applications.
Preferred Qualifications:
·
CISM, CISA, CRIS, CISSP, Security+ or similar certification; AWS/Azure/GCP Security Specialty certification or AI/ML security training (e.g., GIAC GAIOPS, Google Professional ML Engineer, or vendor-specific AI security certifications) a plus.
Knowledge, Skills, and Abilities:
·
Ability to work independently and apply sound judgment and reasoning skills to a variety of situations.
·
Ability to multi-task and collaborate effectively with other personnel to meet deadlines.
·
Strong verbal and written communication, attention to detail, and organizational skills.
·
Ability to work within critical deadlines.
·
Ability to adjust to rapidly changing priorities and schedules.
·
Ability to provide excellent customer service.
Work Authorization
Applicants must be currently authorized to work in the US for any employer. Sponsorship is not
At Ziply Fiber, we believe every part of our region deserves fast, reliable internet access, including rural and underserved areas that have been historically overlooked by internet service providers. Since we launched in 2020, we’ve been rebuilding and expanding our locally owned and operated, purpose-built fiber network to meet the demands of today and generations to come.
