Cyber Security Engineer

About Wellspring

Wellspring Worldwide, Inc. is a leading provider of web-based software systems for managing research, technology commercialization, and innovation operations for universities, companies, government agencies, and independent labs. Founded in 2003, Wellspring has grown to serve over 500 organizations globally, including Fortune 500 companies, SMEs, hospitals, and universities. The company’s flagship products—Sophia, Flintbox, and Zeto—enable organizations to manage the entire innovation lifecycle, from discovery and IP management to commercialization and knowledge transfer.

General Summary

We are seeking a motivated Security Engineer to join our security and compliance team. This role is ideal for someone early in their career who has experience supporting ISO 27001 and SOC 2 initiatives, exposure to cloud and network security, and hands-on familiarity with identity and access management (IAM) and single sign-on (SSO) platforms. The Security Engineer will assist in maintaining secure systems, supporting audits, and collaborating with IT and engineering teams to strengthen our overall security posture.

Key Responsibilities

• Assist in maintaining compliance with ISO 27001 and SOC 2 frameworks, including documentation, evidence gathering, and control implementation.
• Support cloud security operations (AWS, Azure, or GCP), focusing on identity management, configuration reviews, and security monitoring.
• Contribute to network security tasks such as firewall rule reviews, VPN configuration support, and log analysis.
• Help implement and maintain SSO integrations (SAML, OIDC) and multi-factor authentication across enterprise applications.
• Perform and document vulnerability scans, track remediation efforts, and assist in patch management processes.
• Collaborate with IT, DevOps, and Engineering teams to align technical controls with security policies.
• Participate in security incident response activities, including initial triage and escalation.
• Identify gaps between security processes and policies and assist with alignment.
• Contribute to training materials and ensure training compliance.
• Stay current on emerging security threats, tools, and compliance requirements.

Qualifications

• 1–3 years of professional experience in IT security, systems administration, or a related technical field.
• Familiarity with ISO 27001 and SOC 2 compliance frameworks.
• Hands-on experience with cloud platforms (AWS, Azure, or GCP).
• Understanding of networking fundamentals (TCP/IP, firewalls, VPNs, IDS/IPS).
• Experience with IAM / SSO technologies (Okta, Azure AD, Entra ID, Ping, etc.).
• Basic knowledge of vulnerability management tools and security monitoring practices.
• Strong written and verbal communication skills; ability to document processes clearly.

Nice To Have

• Exposure to additional compliance frameworks (FedRAMP, HIPAA, GDPR).
• Experience with scripting or automation (Python, PowerShell, Bash).
• Familiarity with SIEM platforms (Splunk, Sentinel, etc.).
• Security-related certifications (CompTIA Security+, CCSP, ISO 27001 Internal Auditor) a plus.

Additional Requirements

• US Citizenship required and you must work in the United States to qualify for this role.