Security Engineer II

Brief Description
*Reporting to: Head of IT Operations

Location: Remote - US*
Collectivus Holdings guides many of the most prestigious brands in the Collecting, Trading Card Game, and Hobby industries. With a century's worth of collective experience in driving product and service innovation, high-end quality standards, and elevated customer experience, Collectivus brands are among the most recognized and loved throughout the world by the communities they serve.

Dragon Shield – Merchant Guild – Southern Hobby Distribution
Nashville – Aarhus – Lisbon – Worldwide
We're looking for a Security Engineer II to support the implementation and day-to-day management of security operations across our hybrid cloud and on-prem environments. This role is ideal for a technically skilled professional who enjoys solving complex security challenges, contributing to incident response and remediation efforts, and collaborating across teams to strengthen our overall security posture.
Responsibilities

• Threat Detection & Incident Response Monitor and triage security alerts from systems such as SIEM and XDR platforms. Investigate root causes, coordinate remediation efforts, and continuously optimize detection and alerting capabilities.
• Firewall & Perimeter Security Management Manage firewall rule sets, remote access, and perimeter security technologies. Conduct regular reviews and updates to ensure optimal configuration and minimize exposure.
• Vulnerability Management Oversee vulnerability scanning, prioritization, and remediation workflows. Collaborate with cross-functional teams to ensure timely risk mitigation and provide guidance on remediation strategies.
• Access Control & Identity Management Implement and support IAM policies, including role-based access control (RBAC), SSO, MFA, and the principle of least privilege.
• Compliance & Governance Support Contribute to maintaining compliance with standards such as SOC 2, ISO 27001, NIST, PCI, and GDPR through documentation, process improvements, and audit support.
• Documentation & Runbook Development Maintain accurate, up-to-date documentation for security tools, systems, and operational processes.
• Cross-Functional Collaboration Partner with IT, DevOps, and Engineering teams to ensure secure design, deployment, and maintenance of systems and applications.
• Technology Evaluation & Vendor Management Evaluate new security tools and services. Provide recommendations to strengthen the security posture and enhance infrastructure resilience.
• Security Training & Awareness Promote a security-first culture by delivering training, user awareness initiatives, and ongoing support across the organization.

Skills And Requirements

• 3+ years of experience in security engineering, with a focus on hybrid and cloud environments (AWS preferred)
• Experience securing public-facing applications and services using technologies such as WAFs and CDNs
• Proficiency with enterprise firewall platforms (e.g., Palo Alto, Fortinet), including VPNs, IDS/IPS, and URL filtering
• Strong knowledge of security and compliance frameworks (e.g., PCI, SOC 2, ISO 27001, NIST)
• Proven ability to lead incident response and manage vulnerability remediation processes
• Hands-on experience with IAM technologies, including SSO, MFA, and RBAC implementations
• Familiarity with modern infrastructure technologies such as Kubernetes, containers, and serverless services
• Excellent communication and collaboration skills, with the ability to clearly articulate complex security issues to technical and non-technical stakeholders
• Strong technical documentation and project management skills in fast-paced, agile environments