Infrastructure Security Engineer

Great benefits. Competitive pay. We know these are some of the things people look for in a job .

If you're the kind of person who believes that honoring and empowering our nation's veterans is more than just a cause - that it's a calling - then we're ready to meet you.

When you join Wounded Warrior Project (WWP), you're committing to making a difference. We make a commitment to you, too - helping you to find that spark, ignite your passion to serve, and embark on a career with meaning and purpose.

At WWP, we recognize our mission cannot be accomplished without our talented teammates, which is why we're proud to offer benefits such as :

• A flexible hybrid work schedule (three days in the office, two days' work from home)
• Full medical, dental, and vision coverage for both teammates AND family members
• Competitive pay and performance incentives
• A fun, mission-focused, and collaborative team environment

A mission that matters is just the beginning, so if you're ready to get started, we're ready for you.

The Wounded Warrior Project (WWP) Infrastructure Security Engineer I is responsible for maintaining the security and compliance of servers, virtual machines (VMs), and network devices across both on-premises and Azure environments. This role includes applying security patches, implementing secure configurations, coordinating with cross-functional teams, and validating security remediations to protect the organization's IT infrastructure from vulnerabilities.

DUTIES & RESPONSIBILITIES

Apply patches and security updates to servers, VMs, and network devices using tools such as Azure Update Manager, Intune, and GPO.

Follow step-by-step remediation instructions from IT Security and validate implementations to ensure compliance.

Manage the backlog of assigned vulnerabilities, including prioritizing and tracking remediation efforts in OneNote and Jira.

Implement, validate, and baseline secure configurations for servers, VMs, and network devices in both Azure and on-premises environments.

Research and apply best practices from sources such as Microsoft, Cisco, and NIST to maintain secure baselines.

Validate changes using monitoring tools (e.g., Rapid7, SentinelOne, Microsoft Defender for Endpoint, Azure Security Center) and operational checks (e.g., logging, alerting, and backups) to confirm compliance and prevent disruptions.

Coordinate with relevant technical teams to validate remediation feasibility and address dependencies.

Partner with security stakeholders to interpret and implement security requirements for infrastructure.

Collaborate with cross-functional teams to align remediation efforts and ensure operational stability.

Document work clearly in tools such as OneNote and Jira, capturing configuration changes, patch status, and compliance tracking while supporting shared understanding of security best practices.

Contribute to compliance dashboards and KPIs, ensuring accurate reporting of the organization's security posture.

Manage rollout strategies and rollback procedures to minimize operational risk.

Attend and actively participate in required training and / or meetings, including but not limited to New Teammate Orientation, WWP Cares, ASIST Suicide Prevention training, Leadership training, culture / team based training, or departmental huddles.

Other related duties as assigned.

KNOWLEDGE, SKILLS, & ABILITIES

Knowledge of server, virtual machine (VM), and network device patching, security hardening, and vulnerability remediation.

Familiarity with vulnerability management and endpoint protection tools, such as Rapid7, SentinelOne, Microsoft Defender for Endpoint, and Azure Security Center.

Skilled in managing Network Security Groups (NSGs) and next-generation firewalls (NGFWs) to secure network traffic and enforce security policies.

Knowledge of hybrid cloud environments, including Azure Active Directory, Intune, Update Manager, and secure configuration management practices.

Strong understanding of industry security standards and frameworks (e.g., NIST, CIS, Microsoft, Cisco).

Proven ability to assess security risks, prioritize remediation efforts, and validate configuration changes without introducing operational risk.

Demonstrated ability to interpret and implement complex security requirements for network infrastructure, including firewall rule creation and NSG management.

Adept at communicating and documenting technical information clearly for both teammates and leadership.

Ability to collaborate effectively with cross-functional teams, including network, systems, and security personnel.

Proficient at managing competing priorities, tracking progress, and meeting deadlines using project management and documentation tools such as Jira and OneNote.

Willingness to collaborate with peers and contribute to process enhancements and team growth.

Unequivocal commitment to the highest standards of personal and business ethics and conduct.

Mission-driven, guided by core values, and a pleasure to work with.

EXPERIENCE

Requirements

Five years of experience in systems administration or infrastructure engineering, with a focus on server, VM, and network device security.

Three years of experience in vulnerability management, patch management, or endpoint protection, utilizing tools such as Rapid7, SentinelOne, Microsoft Defender for Endpoint, or Azure Security Center.

Two years of hands-on experience with Azure services, including Azure Active Directory, Intune, Update Manager, and secure configuration management.

Two years of experience applying security frameworks and standards, including NIST, CIS, and Microsoft security baselines.

Two years of experience managing network security in hybrid cloud environments, including configuring and maintaining Network Security Groups (NSGs) and next-generation firewalls (NGFWs).

Preferences

Experience coordinating with cross-functional teams to remediate security vulnerabilities and validate secure configurations.

EDUCATION

Requirements

Bachelor's degree in information technology, computer science, cybersecurity, or related field. Equivalent combination of applicable education, training, certification, and experience may be considered in lieu of degree.

Preferences

Bachelor's degree in information technology, computer science, cybersecurity, or related field.

CERTIFICATIONS & LICENSURE

Requirements

Cisco Certified Network Associate (CCNA) Certification.

Preferences

Cisco Certified Network Professional (CCNP) Security Certification.

Certified Information Systems Security Professional (CISSP) Certification.

Microsoft Certified : Azure Security Engineer Associate (AZ-500).

Microsoft Certified : Identity and Access Administrator Associate (SC-300).

WORK ENVIRONMENT / PHYSICAL DEMANDS

General office environment; temperature controlled.

Up to 10% travel.

#LI-HYBRID

Wounded Warrior Project is an equal opportunity employer committed to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, marital status, citizenship, age, veteran or military status, disability, genetic information, or any other characteristic protected by law.

Please note :

Wounded Warrior Project is not seeking assistance or accepting unsolicited resumes from search firms without a written search agreement in place. All resumes submitted by search firms to any employee at Wounded Warrior Project via email, the Internet or directly to hiring managers at Wounded Warrior Project in any form without a valid written search agreement in place will be deemed the sole property of Wounded Warrior Project, and no fee will be paid in the event the candidate is hired by Wounded Warrior Project as a result of the referral or through other means."