Founded in 2004, NetBrain is the leader in no-code network automation. Its ground-breaking Next-Gen platform provides IT operations teams with the ability to scale their hybrid multi-cloud connected networks by automating the processes associated with Diagnostic Troubleshooting, Outage Prevention and Protected Change Management. Today, over 2,500 of the world’s largest enterprises and managed services providers leverage NetBrain’s platform.
What We Need
NetBrain is looking for an analytically inclined and detail-oriented Senior IT Security Engineer to drive our ISO 27001 and SOC 2 certification efforts, ensuring IT security is fully aligned and audit-ready for our SaaS product launch. This person will collaborate cross-functionally to define, implement and enforce security requirements and standards.
What You'll Do
- Drive ISO 27001 certification and SOC 2 Type II attestation initiatives end-to-end — from initial gap analysis and control design through evidence collection, audit coordination, and successful certification to support NetBrain’s new SaaS business.
- Build and mature NetBrain’s GRC (Governance, Risk & Compliance) program — conduct risk assessments, maintain the risk register, define control owners, and produce compliance reporting that gives leadership clear visibility into security posture.
- Translate compliance framework requirements into practical, scalable security policies, standards, and procedures and partner with cross-functional teams (engineering, product, legal, IT) to embed them into daily operations and product development workflows.
- Define and enforce IAM (Identity & Access Management) standards — including SSO, MFA, RBAC, and periodic access reviews — across both corporate IT and SaaS product environments to satisfy audit requirements and enforce least-privilege principles.
- Implement and manage SIEM platforms for centralized security monitoring, log aggregation, and alerting to meet audit evidence requirements and provide real-time threat visibility across cloud and on-premise infrastructure.
- Own the vulnerability management lifecycle — deploy and operate scanning tools, define remediation SLAs, track closure rates, and report on risk reduction metrics to demonstrate continuous improvement to auditors and stakeholders.
- Develop and maintain incident response plans, playbooks, and escalation procedures aligned with ISO 27001 and SOC 2 control requirements; lead tabletop exercises and coordinate response during security events.
- Evaluate and manage third-party vendor risk — conduct security assessments of SaaS vendors and partners, manage security questionnaires, and maintain a supplier risk register aligned with compliance framework requirements.
- Design and deliver security awareness training programs that drive adoption of security best practices across the organization and satisfy compliance training requirements for