Senior Security Controls Engineer
American Credit Acceptance
Position Overview
The Senior Security Controls Engineer designs, implements, and continuously improves technical security controls that reduce risk across on‑premises, cloud, and endpoint environments. This role specializes in hardening, benchmark compliance, configuration risk reduction, compensating controls for non‑patchable vulnerabilities, and control automation at scale. The engineer partners with IT operations, platform teams, and risk/compliance to ensure controls are effective, measurable, and audit‑ready.
Key Responsibilities
- Engineer and maintain preventive and detective controls across endpoints, servers, network, identity, and cloud services (Azure/AWS).
- Lead configuration hardening initiatives using industry benchmarks (e.g., CIS) and establish secure configuration baselines for common platforms (Windows, Linux, network devices, cloud services).
- Design compensating controls for vulnerabilities that cannot be remediated through patching (e.g., configuration changes, isolation, access controls, WAF rules, EDR policy tuning, segmentation).
- Own the technical control lifecycle: control requirements → design → implementation → testing/validation → monitoring → continuous improvement.
- Develop and maintain control-as-code and automation (PowerShell/Python/Terraform/CI-CD) to deploy and enforce configurations consistently.
- Implement configuration compliance monitoring, drift detection, and remediation workflows; integrate with ticketing/ITSM for exception handling.
- Partner with Vulnerability Management to translate findings into durable mitigations (hardening, compensating controls, secure defaults) and reduce recurring exposure.
- Collaborate with SOC/IR to improve detections and containment policies aligned to threats and incidents; tune controls based on lessons learned.
- Produce audit-ready evidence: control narratives, diagrams, test results, screenshots/exports, and KPI dashboards.
- Maintain standards, procedures, and runbooks for control engineering; mentor junior engineers and provide technical leadership to cross-functional teams.
Typical Deliverables
- Secure configuration baselines and reference architectures for key platforms.
- Benchmark compliance reporting (coverage, drift, exceptions) with remediation plans.
- Compensating control designs and validation artifacts for non-patchable risk.
- Automation modules/scripts (policy-as-code) to deploy or enforce controls at scale.
- Control test plans, operational metrics, and audit evidence packages.
Required Qualifications
- 7+ years in security engineering, systems engineering, or infrastructure engineering with a strong focus on security controls and hardening.
- Hands-on expertise with Windows and Linux hardening, identity controls, and endpoint security control configuration.
- Experience implementing benchmark-based configuration standards (e.g., CIS) and managing exceptions/risk acceptances.
- Strong understanding of networking fundamentals (segmentation, firewalls, proxies, routing) and how to apply compensating controls.
- Cloud security controls experience in Azure and/or AWS (IAM, network controls, logging, security services).
- Proficiency in scripting/automation (PowerShell and/or Python); familiarity with infrastructure as code (e.g., Terraform) preferred.
- Ability to translate risk into technical control requirements and document controls for audit and compliance purposes.
- Excellent written and verbal communication; ability to work across infrastructure, application, and governance teams.
Preferred Qualifications
- Experience with configuration management and compliance platforms (e.g., Intune, Group Policy, SCCM/MECM, Ansible, Chef, Puppet).
- Experience with vulnerability scanning and exposure management tools (e.g., Tenable, Qualys, Rapid7) and mitigation engineering workflows.
- Experience tuning EDR policies and implementing detection/response guardrails (e.g., Microsoft Defender for Endpoint, SentinelOne, CrowdStrike).
- Experience with SIEM/SOAR integration for control telemetry and automated response.
- Security certifications (one or more): CISSP, GIAC (GSEC/GCED/GCIA), CCSP, AZ-500, AWS Security Specialty, or equivalent.
- Prior work in regulated industries (financial services, healthcare) with control evidence expectations (SOC 2, PCI DSS, GLBA).
Core Competencies
- Control engineering mindset: designs controls that are measurable, testable, and durable.
- Risk-based prioritization: focuses effort where likelihood and impact are highest.
- Systems thinking: understands dependencies and minimizes operational disruption.
- Automation-first: reduces manual work by codifying and scaling controls.
- Stakeholder partnership: collaborates with IT and product teams to drive adoption.
Success Measures (KPIs)
- Reduction in recurring high/critical findings attributable to configuration or control gaps.
- Benchmark compliance coverage (%) and drift rate over time across in-scope assets.
- Mean time to mitigate (MTTM) for non-patchable vulnerabilities using compensating controls.
- Control effectiveness test pass rate and audit evidence readiness (time to produce evidence).
- Automation impact: number of controls deployed/enforced via code and reduction in manual effort.
Working Conditions
This role requires the ability to work effectively with production systems and coordinate maintenance windows, change control, and emergency response activities when required. Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. EEO Statement ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. California Privacy Notice As an employer of California residents, we are dedicated to protecting your privacy rights. Any personal information you provide during the application process will be used solely for permitted internal purposes and will be handled in accordance with applicable privacy laws. By applying to this position, you consent to the collection, use, and disclosure of your personal information as described in our Employee Privacy Notice.
$71.2k - $166.1k
...Job Description The Senior Federal Information Systems Security Engineer (ISSE) serves as a technical integrator responsible for ensuring that system-to-... ...Produce high-quality connectivity artifacts (Interface Control Documents for Connectivity [ICD-C]) required for...SeniorContract workTemporary workWork experience placementRelocationFlexible hours- ...Description Position Overview The Junior Security Controls Engineer supports the design, implementation, and maintenance of security controls... ...in control engineering while working under the guidance of senior engineers. Job Details Reports to Director of...SuggestedFull timeLocal area
- ...Performance Bonus Responsibilities: Conduct Electrical engineering services and consulting on low to medium voltage power in... ...experience with design management and project management of Power and Control system projects ~ Experience with voltage drop, harmonic...SeniorRelocation package
- ...Trinnex is seeking a Senior Cyber Security Analyst to join their Security Team. This role focuses on securing software development and protecting... ...threats, lead incident responses, and collaborate with engineering teams to improve security practices. Applicants should have...Senior
$102.17k
...country. Job Description Join the Trinnex Security Team as a Senior Cyber Security Analyst, where you... ...lifecycle—embedding security controls, identifying vulnerabilities, and ensuring... ...threats. You will work closely with engineering and development teams to safeguard systems...SeniorH1b$98.9k
...What you can expect The Security Engineer is responsible for security design and reviews across our products and services. The ideal candidate brings broad technical expertise and hands-on experience in end-to-end product security. In this role, you’ll collaborate with...Work at officeRemote work$40k
...mission‑critical programs across national security, defense, and public service delivery.... ...national scale. The Junior Security Engineer supports 24x7 enterprise cybersecurity operations... ...activities. The role works under senior guidance to execute defined cyber...Contract workRemote work- ...Senior Cybersecurity Analyst Anywhere Type: Contract-to-Hire Category: Security Industry: Government Workplace Type: Remote Reference ID: JN -062026-107364 Date Posted: 07/09/2026 Shortcut: Description Recommended Jobs Description...SeniorHourly payPermanent employmentContract workLocal areaRemote work
$191.15k - $212.05k
...Senior Principal Asic Fpga Engineer Responsibilities for this Position Duties and Tasks: Responsible for definition, design, verification... ...Cost Account Management (Cam), and Statistical Process Controls Demonstrated ability to manage scope growth...SeniorFor subcontractorWork at officeFlexible hours- ...North America and is looking for a Senior Substation Physical Engineer in its Energy & Power Group to tackle... ...modernization to deliver a cleaner and more secure energy future. As a Senior... ...(GIS), Switchgear buildings, Control house, underground cable potheads, etc...SeniorWork at office
- ...compliance-driven environments - Familiarity with network security concepts, including firewalls, access control, and traffic monitoring - Experience or exposure... ...market and internal value analysis including seniority and merit systems, as well as internal pay...Minimum wageContract workTemporary workWork experience placementRemote work
$150k - $185k
A leading global engineering firm is seeking a Pricing Senior Manager to oversee cost proposal development and pricing strategies. The successful candidate will manage daily work assignments, develop project schedules, and maintain relationships with program managers to...SeniorRemote work$120k - $160k
...WCL Group in Boise, Idaho is seeking a Senior Project Controller / Cost Analyst to manage project cost controls and financial reporting for large construction projects. The ideal candidate will have 6-10+ years of experience in project controls and a strong understanding...Senior$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...SeniorHourly payContract workFor contractorsWork experience placementRemote work- Licensed Professional Mental Health Counselor The VISN Clinical Resource Hub (CRH) Behavioral Health Interdisciplinary Program Team (BHIP) Licensed Professional Mental Health Counselor position is a VISN based position located in VISN 20. A Clinical Resource Hub (CRH...Senior
- Cardinal Health is seeking a Senior Coordinator for Prior Authorization. In this fully remote position, you'll manage payer approvals for durable medical equipment orders, ensuring compliance with quality standards and deadlines. Responsibilities include preparing authorization...SeniorRemote work
$170k - $215k
...Dormont Manufacturing Co is seeking a Senior Risk Officer to oversee risk management and compliance in Garden City, Idaho. The role includes supervising risk functions and ensuring adherence to regulatory standards. The ideal candidate will hold a Bachelor’s degree and...Senior$90k - $360k
Curvion Blue in Boise, Idaho seeks experienced High Ticket Closers for an Independent Contractor Role. You will engage with founders and business owners, using consultative selling to discuss business strategy and leadership challenges, aiming to achieve significant revenue...SeniorFor contractorsRemote work- A healthcare organization in Boise, Idaho, is seeking an experienced accountant to perform professional accounting duties. You will compile, consolidate, and analyze financial information, prepare journal entries, and lead project teams for special projects. The ideal ...Senior
$92k - $126.5k
...A national engineering firm is looking for a Senior Subcontract Administrator in Boise, Idaho. You will be responsible for leading procurement planning, overseeing subcontracting assignments, and preparing proposal deliverables for major construction projects. The role...Senior$161.5k - $184.3k
A leading software company is seeking a Senior Marketing Analyst. You will be the analytical partner for Marketing and Sales, developing strategies to enhance B2B growth. The role demands extensive experience in marketing analytics and data visualization, along with strong...SeniorRemote work$135.2k - $306.4k
...attended RustCon 2025. This posting is made for RustCon 2025 attendees interested in Oracle opportunities. We are facing several engineering challenges in critical foundational data-plane services that powers the next gen OCI cloud. We need you to challenge existing...SeniorTemporary workWork experience placementLocal areaRemote workFlexible hours$124.5k - $168.08k
...Infrastructure Modernization business unit is seeking a Senior Principal Software Engineer to serve as a visionary and hands-on technical leader for... ...reliable, performant, operationally simple, and highly secure. Key modernization initiatives will include: Embedding generative...SeniorRemote workWorldwide$177k - $387k
...Micron Technology is seeking a Senior Member of the Technical Staff in Boise, ID. This role focuses on advancing SSD and NAND technologies... ...candidate will possess a degree in Electrical or Computer Engineering and have a strong background in data center solutions....Senior- Deercreekseniorliving in Boise, Idaho is seeking a Maintenance Assistant to deliver preventative maintenance and assist residents. Responsibilities include building and grounds maintenance, responding to maintenance emergencies, and troubleshooting issues independently...Senior
- A technology company in Boise, ID is seeking an experienced Quality Assurance professional to design and maintain automated test scripts. The ideal candidate will have 5-7 years of QA experience, strong skills in JMeter, SQL, and manual testing. Responsibilities include...Senior
- ...A leading financial services company is seeking a Senior Manager, Strategic Business Development to drive new mid-market business. This remote position involves managing the sales lifecycle, fostering strategic relationships, and collaborating with cross-functional teams...SeniorRemote work
- A leading analytics technology firm is seeking an experienced Quality Assurance professional to design and develop automated test scripts and conduct performance testing. Responsibilities include manual testing, collaboration with development teams, and regression testing...Senior
- ...Serco is seeking a remote Engineering Technical Senior Supervisor to support US Navy programs. This role requires an active DoW Secret security clearance and ten years of supervisory experience. The successful candidate will oversee complex systems' planning, integration...SeniorRemote work
$25k - $50k
...Job Description Job Description What we're looking for: We need a senior civil litigator with 12+ years of practice experience who can independently manage a full litigation docket from day one. You should be comfortable in the courtroom with strong motion practice...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Security Controls Engineer. Be the first to apply!
- information technology security engineer Boise, ID
- security engineer Boise, ID
- senior application security engineer Boise, ID
- aws cloud security engineer Boise, ID
- IT security engineer Boise, ID
- network security engineer Boise, ID
- senior cloud security engineer Boise, ID
- senior robotics software engineer Boise, ID
- senior consulting engineer Boise, ID
- senior staff systems engineer Boise, ID



