Hi,
Hope you are doing well.
Please go through the following requirements and let me know with your updated resume if you are comfortable.
Could you please share your consultant's
- LinkedIn profile:
- Visa status:
- Current location:
Job Title: Information Security Engineer – Infrastructure & Compliance
Location: King of Prussia, PA (Onsite) – NEED LOCALS to NJ / PA / MD / DE / DC
Employment Type: Long-Term Contract
Key Responsibilities
Security & Compliance
- Serve as divisional lead for NIST 800-171 control alignment, tracking, and remediation.
- Partner with Internal Audit and Enterprise Security to review non-compliance findings and drive resolution.
- Maintain and improve Defender for Cloud posture management across Azure infrastructure.
- Identify, prioritize, and remediate vulnerabilities across infrastructure, networks, and systems.
- Develop and implement Linux patch management strategy and compliance reporting.
- Contribute to policy documentation and control evidence collection for SOX and NIST readiness.
Infrastructure & Cloud Security Operations
- Work closely with Infrastructure, Cloud Ops, and Application teams to assess risk and prevent operational disruption.
- Integrate security best practices into Azure, network, and datacenter operations.
- Utilize Defender, Azure Security Center, and related tools to monitor and report on environment health.
- Coordinate with Cloud and Systems Engineers to validate patch success, compliance metrics, and configuration baselines.
- Automate recurring security validation and compliance tasks using scripting (PowerShell, Python, Bash).
Governance, Reporting, and Training
- Maintain centralized tracking for security initiatives, audit remediations, and policy adherence.
- Partner with PMs to ensure remediation workstreams are integrated into project schedules.
- Support KnowBe4 phishing campaign analysis and contribute to security awareness reinforcement.
- Report key risk indicators (KRIs) and compliance metrics to leadership.
Required Qualifications
- 8 years of experience in Information Security, Infrastructure Engineering, or Cloud Operations.
- Proven experience with Defender for Cloud, Azure Security Center, or equivalent platforms (e.g., Tanium, Nessus, Qualys).
- Working knowledge of NIST 800-171, NIST CSF, or ISO 27001 frameworks.
- Experience managing patching and vulnerability remediation across Windows and Linux environments.
- Proficiency with scripting or automation tools (PowerShell, Python, Bash).
- Familiarity with Active Directory, Azure AD, and network security principles.
Preferred Qualifications
- Experience with Fortify or similar static code analysis tools.
- Familiarity with KnowBe4, VRX, or patch compliance tracking systems.
- Exposure to Azure DevOps, IaC, and configuration-as-code methodologies.
- Security or cloud certifications (e.g., AZ-500, Security+, CISSP, or equivalent).
Success Measures
- Reduction in open audit findings and non-compliant controls.
- Establishment of measurable Linux and infrastructure patch compliance reporting.
- Defender for Cloud secure score improvement over baseline.
- Defined and repeatable NIST alignment process for divisional systems.
- Improved coordination between Infrastructure, Cloud, and Security teams during vulnerability remediation.
Thanks
Sathish Korapati
Technical Recruiter