JOB TITLE: Infrastructure Security Engineer LOCATION: Santiago, DR Working Model: Hybrid after 2 weeks of on-site training GENERAL DESCRIPTION OR PURPOSE OF JOB: The Infrastructure Security Engineer role combines technical expertise with process-oriented skills, serving as the primary security specialist to ensure enterprise infrastructure integrity, compliance, and resilience. The engineer will collaborate with Operations Engineers, Engineers, and Senior Engineers, focusing on network, storage/backup, virtualization/VDI, Windows/Linux systems, voice, and AWS/cloud environments. This role offers an opportunity to enhance Jostens Inc.'s security posture within a collaborative Infrastructure Engineering team, requiring a professional demeanor and dedication to high security and compliance standards. The role operates at the Engineer level, taking direction from Senior Engineers. RESPONSIBILITIES / ESSENTIAL FUNCTIONS: Item Responsibility/Function %Time 1 Security Governance & Compliance: + Act as the team’s security expert, providing guidance on SOC 2, PCI DSS 4.0, vulnerability management, and related processes. + Support compliance audits by interfacing with auditors, providing documentation, and demonstrating process adherence for SOC 2 and PCI DSS 4.0. + Maintain and update security documentation in Confluence, ensuring alignment with organizational policies without setting or altering them. 25% 2 Security Processes & Operations: + Define and document security processes (e.g., vulnerability remediation, incident response) under Senior Engineer guidance, ensuring compliance and efficiency. + Meet regularly with the Security team to review vulnerability tickets, reports, and assessments, prioritizing remediation across infrastructure components (e.g., firewalls, DNS, TLS, AD, cloud integrations). + Support problem management by triaging alerts, identifying recurring security issues, and contributing to platform-wide enhancements under Senior Engineer guidance. 25% 3 Security Engineering & Project Support: + Collaborate with Senior Engineers to integrate security into designs and projects (e.g., network segmentation, FortiMonitor, Azure Arc for server patching). + Contribute to audits, pilots, and upgrades, balancing a 150% project workload focused on security and infrastructure enhancements. 25% 4 Monitoring, Metrics & Reporting: + Monitor and report security metrics using tools like FortiMonitor, FortiAnalyzer, and vendor partnerships (e.g., Fortinet, F5, Cisco), supporting the 5-year infrastructure roadmap. 15% 5 Team Development & Knowledge Sharing: + Mentor junior team members on security topics, using the team’s 0–4 skill matrix for cross-training. 10% Required: + Bachelor’s degree in Computer Science, IT, Cybersecurity, or equivalent experience. + 3–5 years in infrastructure/security roles with cloud/hybrid exposure. + Strong knowledge of vulnerability management, threat assessment, and risk mitigation in enterprise environments. + Proficiency in SOC 2 and PCI DSS 4.0, with experience in documentation, auditing, and process implementation. + Familiarity with security tools (e.g., Fortinet firewalls, F5 load balancers, FortiMonitor/FortiAnalyzer, AWS, Azure Arc). + Understanding of infrastructure domains: network routing/switching, DNS/TLS, AD, virtualization (VMware, Citrix/VDI), storage/backup (Cohesity, Isilon), Windows/Linux OS. + Ability to define, document, and refine security processes for practicality and compliance. + Experience with auditors, including audit preparation and process adherence demonstration. + Strong analytical and problem-solving skills for triage, escalation, and resolution of security incidents. + Excellent English communication skills (written and verbal) for collaboration, reviews, presentations, and auditor interfacing. + Ability to work under senior guidance with initiative in high-workload settings, adaptable to hybrid or full remote work arrangements. Preferred: + CompTIA Security+, CISSP, or AWS Certified Security Certifications + Commitment to professional development using resources like Udemy, Pluralsight, and Cloud Academy. Ability to thrive in a structured model with documentation hubs, alerting systems, and skill development initiatives, whether working hybrid or fully remote