IT Security Engineer
About The Position
Our Core Philosophy: (in)Trust - A Culture Built on Trust At SunStream, we embrace our "One Word Why" – (in)Trust. This powerful concept represents our unwavering commitment to trust as the foundation of our relationships with clients, employees, and stakeholders. Trust isn't just a part of our services; it's the bedrock of our culture. As we join forces to create value, we promise to operate (in)Trust with you at every step. Joining the SunStream team means engaging in purposeful work, achieving financial well-being, and thriving in an exceptional culture. Our owners, clients, and employees (in)Trust us to deliver strong returns, steward resources effectively, and provide opportunities for growth and value, all within a framework of mutual trust. The Opportunity We’re seeking a hands-on Infrastructure Security Platform Engineer to own and enhance our core security technologies. This role is responsible for the engineering, administration, and continuous improvement of platforms such as SASE remote access, firewalls, DLP, CASB, Microsoft Purview, web filtering, and email security. As part of the Infrastructure & Operations team, you’ll play a critical role in ensuring our environment is securely configured - reviewing changes before deployment, conducting audits, and partnering closely with Security and IT teams to enforce standards and strengthen our overall security posture.
Requirements
- Bachelor’s degree in computer science, information technology, or a related field, or an equivalent combination of education and experience sufficient to perform the essential functions of the job
- 3–5 years of experience in security or infrastructure engineering
- Hands-on experience with network security platforms (SASE, firewalls, DLP, web/email security)
- Familiarity with Microsoft security tools (Purview, Sentinel, Defender, Conditional Access) or similar platforms
- Experience reviewing configurations or performing security audits preferred
- Strong documentation and cross-team collaboration skills
Nice To Haves
- Preferred Certifications: CISSP, Microsoft Security, Check Point, or SASE-related certifications
Responsibilities
- Act as technical owner for core security tools, including SASE, firewalls, DLP/CASB, web filtering, Microsoft Purview, and email security
- Design, implement, and optimize policies (TLS inspection, DLP, URL filtering, email controls)
- Drive platform enhancements through research, testing, and vendor collaboration
- Review infrastructure and application changes pre-deployment to ensure alignment with security standards
- Conduct regular configuration audits across network, cloud, endpoint, and identity platforms
- Maintain configuration baselines, audit frameworks, and operational runbooks
- Evaluate and approve security-related change requests in core platforms
- Troubleshoot platform issues and partner with vendors to resolve incidents
- Respond to alerts, support investigations, and participate in on-call rotations
- Partner with Security, Infrastructure, and IT Services teams to enforce standards and improve operations
- Enable scalable support through strong documentation and knowledge transfer
- Contribute to security services that support customer-facing MSP engagements
- Support regulatory compliance efforts (NIST, FFIEC, HIPAA, PCI, etc.)
- Track risks, audit findings, and remediation activities for managed platforms
- Maintain security policies and procedures to align with regulatory requirements and risk appetite
Benefits
- Comprehensive medical, dental and vision insurance
- Tax-advantaged healthcare accounts
- 401(k) plan with generous employer match
- Income protection benefits
- Individual learning & development budget
- Robust time off plans and workplace flexibility
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
