Security Engineer

Allied Consultants, Inc is a proudly Austin based firm with over 34 years of experience delivering top-tier technical and business professionals within Texas State Agencies. We are currently seeking an experience Security Engineer to play a key role within a high-impact technical services team.

At Allied Consultants, we value our consultants and are committed to providing an exceptional experience including:

• Highly competitive pay rates
• Local support staff for responsive, personal service
• Comprehensive benefits package, including:
  • Medical insurance (with employer cost sharing)
  • Life insurance
  • A 401(K) plan with company match
  • Flexible spending through a cafeteria plan

Candidates selected for interviews will be subject to a criminal background check and may be required to pass a drug screening, in compliance with federal and state regulations. All offers of employment are contingent upon successful completion of these checks.

Allied Consultants is a proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

The CIS Baseline & Server Image Security Engineer is responsible for designing, maintaining, and implementing Center for Internet Security (CIS)–aligned security baselines and hardened server images for enterprise server operating systems. This role focuses on modern server platforms including Windows Server 2025 and Red Hat Enterprise Linux (RHEL).

The position works closely with Cyber Security Operations Center (CSOC) and multiple ITD infrastructure and engineering teams to ensure CIS benchmarks, security baselines, and gold images remain current, approved, and aligned with TxDOT’s required security posture. The role ensures that server operating system images reflect approved security controls while remaining operationally supportable.

Primary Responsibilities

CIS Baseline Development & Maintenance

• Create, customize, and maintain CIS security baselines for:
• Windows Server 2025
• Red Hat Enterprise Linux (RHEL)
• Monitor CIS benchmark releases and security advisories to ensure baselines are reviewed and updated as required.
• Translate CIS benchmarks into:
• Group Policy Objects (GPOs)
• Local security policies
• Configuration standards and baseline documentation
• Maintain versioned baseline artifacts, approval records, and supporting documentation.

Server Image Hardening & Standardization

• Design and maintain secure, standardized (“gold”) server operating system images that incorporate approved CIS baselines.
• Integrate CIS baseline controls into:
• Server build images
• Post-build configuration processes
• Validate that baseline settings are consistently applied across newly deployed server systems.
• Support image updates as new operating system releases or CIS benchmark versions are published.

Security Alignment & CSOC Collaboration

• Work closely with CSOC & SRM to:
• Review baseline changes
• Validate security posture
• Address findings related to configuration standards and benchmarks
• Participate in security, baseline review, and posture validation meetings with CSOC.
• Ensure CIS baseline decisions align with TxDOT & DIR STS security governance and risk management expectations.

Cross‑Team Coordination

• Collaborate with ITD teams including:
• Server Operations
• Platform Engineering
• Change Management
• Vulnerability Management
• Provide guidance on baseline impacts to operations and applications.
• Support discussions related to baseline compliance, remediation strategy, and future platform alignment.

Exception & Risk Management Support

• Identify scenarios where CIS baseline settings require exceptions due to operational or application constraints.
• Support documentation of:
• Risk decisions
• Approved exceptions
• Compensating controls
• Maintain baseline exception artifacts in alignment with security governance processes.

Minimum (Required):

Preferred (Optional):