Posted: Oct 1, 2025
APPLY

Information Security Engineer (3670)

Rehmann - Grand Rapids, MI
Full-time
Application Deadline: N/A
Your passion. Your purpose. 
If you’re here, you’re looking for something more. More opportunity, more impact, more purpose. At Rehmann, each and every one of our associates plays a pivotal role in the Firm’s success. When you join our team, you can count on exceptional support, encouragement, and guidance from your colleagues and from leadership.
No matter where you want to go in your career, Rehmann can help you get there. Whether you’re in the early stages of your professional journey or you’re further down your path, we’re focused on helping you achieve your goals – whatever they may be. When you join Rehmann, you are part of a culture that Puts People First and aims to help everyone reach their fullest potential. Let us show you all the ways we can Empower Your Purpose.

We are seeking a talented associate to join our IT Information Security Team. 
This role supports security efforts including threat detection and response, vendor risk reviews, and project leadership for security tool evaluations and implementations. It will also involve collaboration with IT leadership, internal teams, and external partners to support the company’s overall security strategy.
 
How You Will Make an Impact at Rehmann:
  •  Working with a service team to meet client needs and objectives
  • Support the development and monitoring of a strategic, comprehensive enterprise information security and IT risk management program.
  • Collect, store, correlate, analyze, and respond to data from sensors, logs, and incident reports.
  • Assist in implementing and monitoring Data Loss Prevention (DLP) controls to safeguard sensitive data.
  • Continuously monitor and improve the organization’s data security posture by identifying sensitive data across environments, assessing associated risks, and implementing controls to ensure compliance and reduce exposure.
  • Lead response efforts for phishing incidents, including user communication and remediation.
  • Develop and maintain detection playbooks and runbooks for identity/email abuse, endpoint threats, and SaaS.
  • Execute incident response with blameless post-incident reviews; propose automation for repetitive actions with guardrails.
  • Maintain and publish up-to-date security policies, process documentation, standards, and guidelines.
  • Respond to and manage client and vendor security questionnaires (e.g., SIG, CAIQ) to ensure accurate representation of the organization’s security posture and compliance with industry standards.
  • Act as project lead for evaluations or implementations of security tools.
  • Research, evaluate, and recommend security-related hardware and software; develop business cases for investments.
  • Define and maintain baseline security configurations for operating systems, applications, mobile devices, and network equipment.
  • Assist in preparing periodic reports for upper management by providing technical metrics, analysis, and insights on the security program’s status.
  • Assist with security audits and system checkups (e.g., user access reviews, physical walkthroughs).
  • Perform risk reviews of potential and ongoing vendors from a data security standpoint.
  • Liaise with compliance, audit, legal, and HR teams as required.
  • Assist in managing and monitoring physical security systems, including access control and badge management, to ensure secure facilities and compliance with organizational security policies.
  • Perform vulnerability and threat assessments and drive prioritized remediation.
  • Stay current with industry trends, threats, and technologies and guide associates on security best practices and policies
Your Desired Skills, Values & Experiences:
  •  4+ years of relevant experience in IT Security or related technical role
  •  Bachelor’s degree in Computer Science, IT, or related field
  • Experience with Microsoft server environments, least privilege principles, vulnerability management, domain management, application whitelisting, EDR, and SIEM
  • Exposure to systems analysis, security solutions, application development, and infrastructure support
  • Familiarity with multi-platform environments and their operational/security considerations.
  • Experience in large organizations with complex regulatory requirements or CPA firms preferred.
  • Programming/script writing knowledge using PowerShell, Python, API, Go, bash, etc. for Security Orchestration and Automation Response (SOAR)
  • Clear, concise communication and collaborative approach with technical and non-technical stakeholders.
  • Ability to lead projects and influence independently with strong organizational skills and time management
  • Understanding of modern IT infrastructure.
  • Hands-on experience with EDR and SIEM (detection tuning), vulnerability management, and scripting (PowerShell or Python).
  • Working knowledge of identity/email security, networking fundamentals, and cloud platforms (M365/Azure or similar).
  • Familiarity with NIST CSF 2.0, ISO/IEC 27001:2022, and SOC 2 TSC (Security).
  • Certifications such as Security+, CySA+, GSEC, GCIH, GCIA, CEH, CISSP, CISM, CISA, CCSP, CASP+, or similar are helpful but not required.
We Put People First in all that we do. Our associates are our greatest assets and we provide programs and benefits that encourage growth and development and align with their needs and goals. This includes benefits focused on physical and mental health, paid time off for volunteering and diversity-related activities, flexible work arrangements, and more.
 
When you join Rehmann, you become part of a firm dedicated to helping Empower Your Purpose, whatever it may be.
 
Rehmann is an Equal Opportunity Employer.