Information Security Engineer Lead

About The Position

Requirements

• Bachelor's degree in Information Security, Computer Science, Information Systems, or equivalent combination of education and experience.
• 7+ years of progressive experience in information security, engineering, or related IT disciplines.
• Advanced knowledge of Microsoft technologies, including Azure, Entra ID (Azure AD), Office 365, Microsoft Defender suite, and Windows Server.
• Experience with SIEM, SOAR, EDR/XDR, vulnerability management, and forensic analysis tools, preferably integrated with Microsoft Sentinel and Defender.
• Strong understanding of cloud platforms (Azure, AWS, Google Cloud) and securing hybrid infrastructures.
• Relevant security certifications preferred: CISSP, CISM, OSCP, GIAC (GCIA, GCIH, GPEN), Microsoft Certified: Azure Security Engineer Associate, Microsoft 365 Security Administrator Associate, or equivalent.
• Demonstrated expertise in incident response, malware analysis, and intrusion detection.
• Proficiency with scripting/automation languages (PowerShell, Python, etc.) to enhance security operations.
• In-depth knowledge of common frameworks and standards (NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK).
• Proven ability to design and implement Zero Trust and defense-in-depth strategies.
• Applies advanced knowledge of Microsoft security technologies and enterprise platforms to solve complex challenges.
• Mentors and guides team members, builds trust, and fosters a culture of continuous improvement

Responsibilities

• Design, implement, and maintain enterprise security controls across Microsoft environments, including Azure, Entra ID (Azure AD), Microsoft 365, Microsoft Defender, and Windows Server platforms.
• Lead incident response activities, including investigation, containment, eradication, and recovery, as well as post-incident lessons learned.
• Analyze security events and alerts from IDS/IPS, SIEM, EDR/XDR, vulnerability scanners, and Microsoft security tools to identify and mitigate threats.
• Develop and implement security hardening baselines, patch management processes, and secure configuration standards for Microsoft platforms and hybrid environments.
• Collaborate with IT and business stakeholders to design secure solutions, ensuring security requirements are integrated into Windows, Active Directory/Entra ID, Azure, and Microsoft 365 systems.
• Conduct threat modeling and risk assessments, making recommendations for risk treatment and mitigation strategies.
• Oversee vulnerability management program, including regular assessments, prioritization, and remediation validation.
• Create strategies to mitigate risks and ensure compliance with relevant laws and regulations
• Focus on continuous improvement to stay updated on cybersecurity trends and emerging threats to enhance security measures.
• Provide mentorship and technical guidance to Information Security Analysts and IT staff.
• Assist in the development and enforcement of security policies, standards, and procedures, with specific emphasis on Microsoft platforms.
• Stay current with emerging threats, vulnerabilities, and security technologies; recommend improvements to strengthen the security posture
• Regular, reliable, and predictable attendance

Benefits

• 401(k) Plan: Dollar-for-dollar match up to 5% after 90 days, with 100% vesting.
• Employer-Paid Coverages: Group term life, short- and long-term disability insurance.
• Comprehensive Health Coverage: Medical, vision, dental, with additional dependent coverage options.
• Free Health Tracking: With rewards for meeting health goals.
• Generous PTO: 120+ hours accrued within the first year.
• Employee Referral Bonus: For referring talented candidates.
• Career Development: Tuition reimbursement and professional growth opportunities.
• Exclusive Discounts: Access to partner and marketplace discounts.
• Community & Engagement: Company and employee clubs at various locations.