Senior Security Engineer – Penetration Testing, Vulnerability Management & Enterprise Infrastructure Security Medellin, Colombia | Posted on 03/25/2026 InterScripts is a Information Technology business based in Chantilly,VA and established in 2017 providing technology and platform enabled servicesand solutions. Historically, we have enabled our customers to realize the most value from their technology and resources through our Managed Services, Archival Solution, EHR, ERP, Advisory, Virtual Care, Technology, Application Development, and Cybersecurity services. In addition, InterScripts has substantial experience in providing Technology and Platform Enabled solutions to commercial, public sector, and government entities. We are an ISO 27001, 9001 CMMI 3 and SOC 2 certified organization, signifying our ability to lower the risks for our clients’ application modernization efforts, custom development, support, operations, and MSP projects. Job Description Role Overview We are looking for a Senior Security Engineer to help strengthen and scale security across complex enterprise cloud and on‑prem infrastructure . This is a hands‑on role for a seasoned professional with deep experience in penetration testing, vulnerability assessments, infrastructure hardening, and enterprise security operations . The ideal candidate brings a strong blend of offensive and defensive security knowledge, has worked in large organizations with diverse environments , and is comfortable identifying risks, validating exposures, and partnering across infrastructure, cloud, and engineering teams to drive remediation. This role is well suited for a security professional who thrives in high‑impact environments, enjoys solving complex security challenges, and can operate across both strategic and technical layers of enterprise security. Key Responsibilities Penetration Testing & Security Assessments Conduct and support penetration testing activities across cloud, on‑prem, network, application, and infrastructure environments. Perform vulnerability assessments , validation testing, and risk‑based analysis of security exposures. Simulate adversarial techniques to identify weaknesses in systems, services, architecture, and configurations. Document findings clearly and provide practical remediation guidance to technical and business stakeholders. Vulnerability Management Lead enterprise‑wide vulnerability identification, prioritization, tracking, and remediation support. Partner with infrastructure, cloud, and application teams to reduce security risk across critical assets. Validate remediation effectiveness through retesting and security control review. Improve vulnerability management processes, tooling, reporting, and operational maturity. Assess and secure workloads across AWS, Azure, and/or hybrid cloud environments . Review identity and access controls, network segmentation, endpoint posture, logging, and configuration baselines. Support security hardening of servers, operating systems, virtualization platforms, and enterprise infrastructure . Identify misconfigurations and control gaps across both cloud-native and traditional on‑prem environments . Security Engineering & Operations Assist in the implementation and tuning of security controls for infrastructure, endpoints, networks, and privileged access. Support incident response investigations, threat validation, and root cause analysis when required. Contribute to security standards, playbooks, procedures, and technical documentation. Work closely with IT, infrastructure, DevOps, and architecture teams to embed security into day‑to‑day operations. Risk, Compliance & Best Practices Align technical security work with enterprise security policies, control frameworks, and regulatory expectations. Support audits, control reviews, and evidence collection related to infrastructure and security operations. Recommend practical improvements based on industry standards and evolving threat landscapes. Requirements Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Systems , or related field, or equivalent practical experience. 5+ years of hands‑on experience in cybersecurity, with a strong focus on: Penetration testing Vulnerability testing and assessment Infrastructure security Enterprise cloud and on‑prem security Proven experience working in large enterprise environments with complex infrastructure and multiple stakeholders. Strong understanding of security across: Networks Windows and/or Linux servers Active Directory / identity environments Virtualized and hybrid infrastructure Experience using common vulnerability scanning, assessment, and security testing tools. Strong knowledge of remediation practices, risk prioritization, and secure configuration management. Ability to communicate technical issues clearly to both engineering teams and leadership audiences. Preferred Technical Experience Experience securing AWS and Azure enterprise environments. Familiarity with: Vulnerability management platforms SIEM / log analysis tools EDR / endpoint security tools Web and infrastructure security testing tools Network security validation tools Experience with: Security baselines and hardening Firewalls, VPNs, segmentation, NAC, and access controls Identity and privilege security Patch governance and remediation tracking Exposure to security frameworks such as NIST, CIS, ISO 27001, SOC 2 , or similar. Preferred Certifications Candidates with one or more of the following certifications will stand out: OSCP – Offensive Security Certified Professional CEH – Certified Ethical Hacker CISSP – Certified Information Systems Security Professional GSEC – GIAC Security Essentials CompTIA Security+ AWS Security Specialty Microsoft Azure Security Engineer Associate (AZ-500) #J-18808-Ljbffr