Sr. Information Security Engineer
Company: Bandwidth
Location: Raleigh
Posted on: February 16, 2026
|
|
|
Job Description:
Job Description Job Description Who We Are: Bandwidth , a prior
"Best of EC" award winner, is a global software company that helps
enterprises deliver exceptional experiences through voice,
messaging, and emergency services. Reaching 65 countries and over
90 percent of the global economy, we're the only provider offering
an owned communications cloud that delivers advanced automation, AI
integrations, global reach, and premium human support. Bandwidth is
trusted for mission-critical communications by the Global 2000,
hyperscalers, and SaaS builders! At Bandwidth, your music matters
when you are part of the BAND. We celebrate differences and
encourage BANDmates to be their authentic selves. jointheband What
We Are Looking For: The mission of the Security Operations team is
to build, deploy, and operate information security systems,
infrastructure, and tools. The Senior Security Engineer will act as
a leader in monitoring, administration, ticketing and support. In
addition, mentoring other security team members in operations
functions, as well as assisting management in growing and maturing
security detection, monitoring and response. As a Senior Security
Engineer, you will work closely with not only other Information
Security teams but also partner with the IT, development and
architecture organizations. You will be part of a talented team of
security professionals who demonstrate superb technical competency,
delivering mission critical infrastructure and ensuring the highest
levels of availability, performance and security across the
enterprise. What You'll Do: Provide technical and operational
leadership for aspects of security operations, security
architecture and security tools administration. Serve as an
escalation point in incident response scenarios; acting as the
incident lead and conducting investigations and forensics as
needed. Actively engages in the performance of Incident Response
activities, including but not limited to, triage, escalation,
conducting post-mortem and lessons learned, as well as remediation
tracking. Displays a strong knowledge and understanding of the
utilization of various security tools include SIEM, SOAR,
vulnerability scanners, CSPM, and EDR Advanced understanding of
securing both cloud-based (AWS, GCP) and on-prem workloads
including traditional architecture design and containerized
environments. Identify gaps in current monitoring or operational
processes and workflows, and recommend changes or enhancements to
improve efficiency through security best practices Provide security
consulting on medium to large scale projects for internal clients
to ensure conformity with corporate information, security policy
and standards Drive vulnerability management and remediation
efforts - prioritizing issues, implementing mitigations, and
designing strategic preventative and compensating controls Drives
process improvement and control implementation projects in
coordination with the other Enterprise teams Engages with
neighboring Bandwidth technology teams to drive awareness and
compliance to security policies and standards Participate in
security on-call rotation, supporting off-hours general security
incidents and production systems. Maintain working relationships
with business partners to understand business processes, and the
impact of implementing security controls in their ability to do
business Train and mentor team members for security operations,
support, and/or administration tasks What You Need: Education:
Degree in an IT or Information Security discipline or other
equivalent combination of education and/or experience that is
focused on IT Security and Technology Operations. One or more of
the following certifications: GIAC Information Security
Professional (GISP) Certified Information Systems Security
Professional (CISSP) AWS Certified Security Specialty Experience: 5
or more years of specific Security Operations experience required.
5 or more years SIEM, SOAR and vulnerability management experience,
including integrating endpoints 3 or more years of incident
response experience across a variety of environments and resource
types: on-prem, cloud, endpoints, servers, containers, etc.
Knowledge: Familiarity with cutting-edge security technologies such
as Zero-Trust Network Access, SSO, Endpoint Detection and Response
(EDR), and Security Incident and Event Management required (SIEM).
Experience working in multi-cloud organizations utilizing cloud
security posture management (CSPM) and cloud-native security tools
with a "shift-left" DevSecOps mentality Experience working with a
third-party Managed Security Service Provider (MSSP) Skills:
Proficient in Windows and Linux operating systems. Ability to
analyze a complex technical environment and quickly build a
conceptual understanding of how the pieces all fit together
Proficient in automation and scripting languages (Python, Bash,
etc) Ability to analyze and correlate information from multiple
sources to determine and articulate potential risk to the business
in non-technical terms. Team player with strong communication
skills, ability to collaborate with highly technical colleagues and
non-technical end-users at a level they can understand. Bonus
Points: Experience: Hands-on experience with Wiz and CrowdStrike -
cloud security and container security . Hands-on experience with
AWS / cloud security tools (Guard Duty, Amazon Inspector, AWS
Shield,Wiz, Lacework, etc.) Strong knowledge of SIEM tools and
logging (Splunk, Sumo Logic, Data Dog, Qualys) Understanding of
maintaining and administering endpoint detection response tools
(CrowdStrike, FireEye, etc) Foundational knowledge of Ai - LLMs
(language learning models), MCP (model context protocol) and the
impacts of these on securing organizational resources. Knowledge:
Understanding of authentication and authorization mechanisms.
Familiar with data classification, data protection, and secure data
handling practices. Understanding of regulatory requirements (SOX,
GDPR, HIPAA … ) The Whole Person Promise: At Bandwidth, we're
pretty proud of our corporate culture, which is rooted in our
"Whole Person Promise." We promise all employees that they can have
meaningful work AND a full life, and we provide a work environment
geared toward enriching your body, mind, and spirit. How do we do
that? Well… 100% company-paid Medical, Vision, & Dental coverage
for you and your family with low deductibles and low out-of-pocket
expenses. All new hires receive four weeks of PTO. PTO Embargo.
When you take time off (of any kind!) you're embargoed from
working. Bandmates and managers are not allowed to interrupt your
PTO – not even with email. Additional PTO can be earned throughout
the year through volunteer hours and Bandwidth challenges. "Mahalo
moments" program grants additional time off for life's most
important moments like graduations, buying a first home, getting
married, wedding anniversaries (every five years), and the birth of
a grandchild. 90-Minute Workout Lunches and unlimited meetings with
our very own nutritionist. Are you excited about the position and
its responsibilities, but not sure if you're 100% qualified? Do you
feel you can work to help us crush the mission? If you answered
'yes' to both of these questions, we encourage you to apply! You
won't want to miss the opportunity to be a part of the BAND.
Applicant Privacy Notice
Keywords: Bandwidth, Chapel Hill , Sr. Information Security Engineer, IT / Software / Systems , Raleigh, North Carolina
