Security Engineer II

About this role

Company Overview
SCS Global Services is a pioneer and leader in the field of sustainability standards and third-party certification, working across the economy in the natural resources, built environment, food and agriculture, consumer products, and climate sectors for over 40 years. As a Benefit Corporation, we are committed to socially and environmentally responsible business practices, and through the application of sound science, we are driving positive change.

Job Overview
The Security Engineer II is responsible for the design, implementation, and lifecycle ownership of assigned security controls across identity, infrastructure, network, workload, and data layers. This role operates with a high degree of autonomy in a small team environment, independently identifying gaps, proposing remediation plans with estimated effort and complexity, and executing approved work. The ideal candidate brings deep infrastructure engineering knowledge to ensure security solutions are practical, operationally sound, and aligned with business impact. This role represents a fully independent individual contributor position and is differentiated from Security Engineer I by its expectation for independent scoping, design level ownership of security control implementations, with minimal day to day oversight.

Essential Duties and Responsibilities

• Design and implement security control architectures and reference implementation patterns aligned with ISO 27001:2022 and related security frameworks (CIS, NIST CSF, MITRE ATT&CK), within established organizational standards
• Engineer and maintain assigned security controls across the following domains: Identity: Entra ID/Conditional Access/MFA/PAM, Endpoint: Intune/EDR/XDR (CrowdStrike), Workloads: Azure/AWS security/container security/CI/CD controls, Data: DLP/encryption/key management
• Develop, maintain, and operationalize security standards, baselines, and reference architectures in partnership with IT and ap...