State Affairs
State Affairs is the nation’s leading news and policy intelligence platform focused on state governments. We combine nonpartisan coverage of Statehouses across the country alongside state government data and AI-native tools into a singular platform.
We inform and empower decision makers, policy professionals and citizens through our award-winning journalism and data – delivering profound insights to help our customers decode and act on state politics and policy. We’re building a category-defining business that will reshape America as we strengthen visibility into what’s happening and why at the state level.
We are hiring a Information Security Engineer to own and improve the security systems that protect State Affairs’ employees, devices, SaaS applications, corporate network, and internal data. This role will be responsible for identity and access management, endpoint security, security alert triage, device compliance, security automation, and corporate IT security operations.
This is a role for someone who is comfortable operating across security engineering, IT operations, automation, and employee support. You will manage the systems that enable secure onboarding, offboarding, device management, access control, monitoring, and audit readiness across a fast-growing organization.
As the Information Security Engineer you will:
- Own identity and access management across SSO, directory systems, MFA, SCIM provisioning, and corporate SaaS applications.
- Manage secure onboarding, offboarding, access changes, and recurring access reviews across employee systems.
- Administer and improve endpoint security controls across macOS and Windows devices, including MDM, disk encryption, patch compliance, EDR coverage, and device posture reporting.
- Provision, manage, and de-provision laptops and employee devices using automated MDM tools.
- Triage and investigate security alerts from identity providers, endpoint security tools, firewalls, VPN/Zero Trust systems, SIEM/logging platforms, and SaaS applications.
- Support phishing response, suspicious login investigations, endpoint security events, and other corporate security incidents.
- Maintain and improve corporate network security, including secure Wi-Fi, VLAN basics, VPN/Zero Trust access, firewall hygiene, and office network troubleshooting.
- Diagnose and resolve multi-platform hardware, software, access, and local network issues for onsite, hybrid, and distributed teams.
- Build scripts and automations using Python, Bash, PowerShell, or REST APIs to reduce manual work across onboarding, offboarding, access reviews, device compliance, system telemetry collection, and audit evidence collection.
- Use REST APIs to pull metrics, reconcile access, integrate administrative systems, and automate security operations workflows.
- Support routine security patch management, vulnerability remediation tracking, and corporate compliance validation.
- Support SOC 2 and other compliance efforts by producing evidence for access controls, device management, security monitoring, patching, and user lifecycle management.
- Maintain security runbooks, IT/security documentation, administrative scripts, and Git-backed operational procedures.
- Utilize Git for documentation, change tracking, and sharing administrative source code.
- Partner with engineering and operations teams on secure access to internal systems, VPN/private network access, least-privilege permissions, and security process improvements.
- Provide escalation-level IT support for employee devices, account access, local network issues, and corporate systems.
Essential Qualifications for this position include:
- Bachelor’s degree in computer science, engineering, or related field
- Prior professional experience in corporate security, IT security operations, security operations, endpoint security, identity administration, or a security-focused IT engineering role.
- Experience administering identity providers, SSO, MFA, directory systems, and SaaS access controls.
- Experience managing endpoint security controls across macOS and/or Windows devices using MDM, EDR, disk encryption, and patch management tools.
- Knowledge common corporate security workflows, including onboarding/offboarding, access reviews, phishing response, suspicious login investigation, and endpoint alert triage.
- Knowledge of networking fundamentals, including TCP/IP, DNS, DHCP, routing, VPNs, firewall rules, and secure Wi-Fi.
- Ability to write, modify, and run scripts in Python, Bash, PowerShell, or a comparable language to automate workflows.
- Ability to use REST APIs to integrate administrative systems, export security data, pull metrics, or automate operational workflows.
- Ability to use Git for documentation, scripts, configuration tracking, or operational change management.
- Communication skills and the ability to document repeatable security and IT procedures.
Preferred Qualifications for this position include:
- Prior startup experience in a security, IT, infrastructure, or operations role.
- Experience with tools such as Google Workspace, JumpCloud, Okta, Cloudflare, Tailscale, Jamf, Kandji, Intune, CrowdStrike, SentinelOne, Datadog, AWS, or similar platforms.
- Familiarity with SOC 2, ISO 27001, CIS Controls, or similar security/compliance frameworks.
- Experience supporting security questionnaires, audit evidence collection, access reviews, or vendor security reviews.
- Experience automating identity, endpoint, SaaS administration, or compliance workflows.
- Certifications such as CompTIA Security+, Network+, Cisco CCNA, AWS Certified Cloud Practitioner, or equivalent practical experience.
This is an onsite work opportunity and our teams operate from the Washington, DC office (located at L and 15th St. NW). State Affairs offers a competitive salary and a comprehensive benefits package to employees.
The annual salary range for this role as it is posted is $120,000 – $180,000 for candidates working from a State Affairs office. The final job level and annual salary will be determined based on the education, qualification, knowledge, skills, ability, and experience of the final candidate(s), and calibrated against relevant market data and internal team equity. Benefits listed in this posting may vary depending on the nature of your employment with State Affairs.
Candidates must be authorized to work in the United States without the need for current or future company sponsorship.
State Affairs is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. State Affairs does not discriminate against applicants on the basis of race, color, religion, sex, sexual orientation, gender, gender identity, national origin, veteran status, disability, or any other protected characteristic in accordance with federal, state, and local law.
State Affairs is committed to providing reasonable accommodations for qualified individuals with disabilities as they go through our job application and interview process. If you need assistance or an accommodation due to a disability, you may contact us at jobs@stateaffairs.com
By submitting your application, you affirm the content contained therein is true and accurate in all respects. Please note that prior to employment, State Affairs will obtain background checks for employment purposes that may include, where permitted by law, the following: identify verification, prior employment verification, personal and professional references, educational verification, and criminal history. For certain roles, further background checks covering additional information and activities may be initiated.
“By clicking “Submit Application” you are consenting to the use and retention of the information you have provided as set forth in the State Affairs Privacy Policy.
To apply for this job please visit job-boards.greenhouse.io.
Terms used in this posting
- equity
- Ownership stake in the company, usually in the form of stock options or RSUs, offered in addition to salary.
- hybrid
- A work arrangement combining both in-office and remote/at-home work, typically on a set schedule.
Explore State Affairs online
Working in Washington, D.C., US
Weather right now in Washington, D.C., US: checking… · Local time: · Air quality: · Daylight: · UV index:
Washington, D.C., officially the District of Columbia and commonly known as Washington or D.C., is the capital city and federal district of the United States. The city is on the Potomac River across from Virginia and shares land borders with Maryland to its north and east. It was named after George Washington, a Founding Father and the first president of the United States. The district is named fo
🇺🇸 Relocation safety for US: Exercise Normal Caution — via Warnely, CC BY 4.0
National unemployment rate in US: 4.2% — via World Bank
- Elevation 7m (23 ft)
Source: Wikipedia (state)
Job details above are provided by the employer/source. The sections on this page are compiled from public data sources with AI assistance.
Accommodations: if you need a workplace accommodation to apply for or perform this job, see ADA.gov or EEOC.gov for guidance on your rights and how to request one.
Keep exploring on Get A Job.ai
Not quite the right fit? Your next opportunity is a click away.
- Browse all jobs
- More jobs by category
- Remote jobs you can do from anywhere
- Research typical pay for this role
- Set a job alert so new matches reach you first
- Upload your resume to apply faster
Hiring instead? Post a job and reach candidates searching right now.
