Cyber Security Engineer II

Advisor Group•Scottsdale, AZ

2d•Hybrid

About The Position

The Cybersecurity Engineer (Professional) is a hands-on technical role responsible for delivering improvements across the organization’s core security platforms, including Tenable (Vulnerability Management), Varonis (Vulnerability / Exposure Reduction & Data Security), and the Microsoft Security stack (Defender suite, Purview, Azure security capabilities). This role contributes to the engineering, testing, documentation, configuration, and operational support of these platforms. The engineer collaborates with cross-functional teams—Security Operations, IT, Cloud, and Application teams—to ensure our controls are effective, reliable, well‑documented, and aligned with best practices. This role is ideal for an all‑around cyber professional who enjoys platform engineering, automation, improving security controls, and helping mature the organization’s vulnerability reduction and detection capabilities.

Requirements

5+ years of experience in cybersecurity engineering, security operations, or IT security administration
Hands-on experience with one or more of the following: Tenable, Varonis, Microsoft Defender suite, Splunk, Azure security tools, or Purview
Working knowledge of Windows and Linux systems, including basic administration and troubleshooting
Experience with Python, PowerShell, or bash for automation, scripting, or data manipulation
Familiarity with enterprise security practices: vulnerability management, detection engineering, access controls, endpoint security, cloud security fundamentals,
Ability to write clear, concise documentation including runbooks and technical guides.
Strong analytical and troubleshooting skills with a focus on root-cause analysis and sustainable fixes.

Nice To Haves

Experience with container security or Kubernetes (AKS, ACA, ARC, on on-prem K8s/containerd)
Experience with SIEM (Splunk or Microsoft Sentinel) for basic query creation and debugging
Understanding of ServiceNow Security Operations (Vulnerability Response, Incident Response)
Familiarity with identity and access technologies (SecureAuth, Duo, Entra ID)
Experience with REST APIs and JSON/YAML configuration.
Knowledge of security frameworks (NIST, CSF, CIS Controls, MITRE ATT&CK)
Microsoft SC-200, SC-300, AZ-500, SC-400
Tenable certifications (Tenable.io or Nessus)
CompTIA Security+ or CySA+
(ISC)2 SSCP
Varonis or data security training/certification
Terraform Associate, CKA, or similar

Responsibilities

Implement enhancements to the Tenable vulnerability management platform including connector tuning, asset tagging logic, health monitoring, and data quality improvements
Support and improve the Varonis data protection and vulnerability reduction platform, including policy updates, rule creation and refinement, access remediation support workflows, and deployment of automation
Configure, tune, and enhance controls within the Microsoft security stack
Create and maintain clear, high-quality runbooks, SOPs, architecture diagrams, and configuration documentation
Perform platform and feature testing, including regression testing, validation of configuration changes, and quality assurance of policies and detections
Develop and refine detections, alerts, dashboards, and automation workflows across supported platforms.
Provide Tier2-3 support for platform issues, escalations, and service problems.
Participate in on-call rotations as needed to support critical security platforms
Troubleshoot platform health issues, connector failures, ingestion problems, and performance concerns across supported platforms.
Partner with Incident Response and Vulnerability Management teams to ensure security platforms provide accurate, actionable data.
Identify root causes of recurring issues and implement corrective actions that eliminate problems at the source.
Contribute to security platform roadmaps and backlog grooming
All other duties as assigned.