Junior Security Controls Engineer
Description
Position Overview
The Junior Security Controls Engineer supports the design, implementation, and maintenance of security controls that protect enterprise systems and data. This entry-level role focuses on configuration hardening, baseline enforcement, vulnerability mitigation support, and control monitoring across endpoints, servers, and cloud services. The role provides hands-on experience in control engineering while working under the guidance of senior engineers.
Job Details
Reports to | Director of Information Security |
Location | Boise, ID - Onsite |
Employment Type | Full-time |
Travel | Minimal (0–5%) |
On-Call | May participate in a rotating on‑call schedule for security engineering support |
Key Responsibilities
- Assist in implementing and maintaining security controls across endpoints, servers, and cloud environments (Azure/AWS).
- Support system hardening efforts using established benchmarks (e.g., CIS) and secure configuration baselines.
- Help remediate vulnerabilities through configuration changes and assist in applying compensating controls.
- Monitor configuration compliance and support drift detection and remediation activities.
- Execute control validation testing and document results for audit and compliance purposes.
- Develop basic automation scripts (PowerShell/Python) to support control enforcement and reporting.
- Partner with Vulnerability Management teams to track remediation progress and reduce risk exposure.
- Assist with documentation including standards, procedures, and runbooks for control operations.
- Support audit requests by gathering evidence and preparing reports under supervision.
Typical Deliverables
- Configuration baseline check reports and remediation tracking logs.
- Vulnerability mitigation support artifacts and tracking metrics.
- Control testing documentation and evidence packages.
- Basic automation scripts for control monitoring or reporting.
- Audit support documentation and evidence collection outputs.
Required Qualifications
- 1–3 years of experience in IT, systems administration, or cybersecurity roles.
- Basic understanding of operating systems (Windows/Linux) and security configurations.
- Familiarity with core cybersecurity concepts (authentication, access control, encryption, logging).
- Exposure to vulnerability scanning tools or endpoint security solutions is a plus.
- Basic scripting knowledge (PowerShell, Python, or similar) preferred.
- Strong attention to detail and ability to follow established procedures.
- Ability to learn quickly and adapt in a fast-paced technical environment.
Preferred Qualifications
- Experience in cybersecurity or systems administration.
- Familiarity with cloud platforms (Azure or AWS).
- Exposure to tools such as Microsoft Defender, Tenable, or similar platforms.
- Entry-level certifications such as Security+, AZ-900, or AWS Cloud Practitioner.
Core Competencies
- Strong problem-solving and analytical thinking.
- Detail-oriented with a focus on accuracy and consistency.
- Willingness to learn and take direction from senior engineers.
- Team collaboration and communication skills.
- Interest in cybersecurity and continuous improvement.
Success Measures (KPIs)
- Completion rate of assigned control tasks and remediation activities.
- Accuracy and quality of audit evidence preparation.
- Contribution to reduction of low/medium vulnerabilities.
- Timeliness of support in control validation and monitoring tasks.
- Growth in technical skills and certifications over time.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
EEO Statement
ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
California Privacy Notice
As an employer of California residents, we are dedicated to protecting your privacy rights. Any personal information you provide during the application process will be used solely for permitted internal purposes and will be handled in accordance with applicable privacy laws. By applying to this position, you consent to the collection, use, and disclosure of your personal information as described in our Employee Privacy Notice.