Security Engineer

2+ years of experience in IT support, security engineering, or compliance. Knowledge of (or strong interest in learning) security frameworks like SOC 2 or ISO 27001. Familiarity with vulnerability management tools and processes. Hands-on experience troubleshooting IT issues (macOS, Windows, SaaS tools, identity management). Strong written communication skills and attention to detail. Proactive, curious, and eager to learn. Thrives in a collaborative remote environment and enjoys working across teams.

Maintain and improve Overstory’s compliance platform in its support of SOC 2, ISO27001 and other frameworks. Monitor and track vulnerabilities across infrastructure and applications, coordinating with and assisting engineering teams for timely remediation. Provide limited IT support for onboarding, offboarding, access management, and endpoint security. Conduct vendor security reviews to manage third-party risk. Support SOC 2 and ISO27001 audit compliance, including evidence gathering and control monitoring. Assist with customer security questionnaires and maintain a knowledge base of standard responses.