IT Security Senior Engineer

About The Position

Requirements

• Effective communication and collaboration skills.
• Strong analytical critical thinking skills.
• Ability to rapidly learn and apply advanced and emerging technical security principles, theories, and concepts.
• Exceptional analytical ability, communication and project management skills, documentation, and the ability to collaborate effectively with clients, IT management and staff, vendors, and consultants.
• Bachelor’s degree in computer science, information security, or information security.
• 8+ years of technical hands-on experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols (Network topologies (WAN/LAN, protocols), SIEM, Encryption technologies, TCP/IP stack, Multi-factor authentication, Authentication/Authorization, Web Application Firewall, Firewalls, IPS/IDS, DLP, HIPS, File Integrity Monitoring, Enterprise anti-malware solutions, Vulnerability management/penetration testing, Database security, wireless security, OS hardening and security best practice or an equivalent combination of education and work experience.
• Demonstrated advanced security knowledge across Microsoft Azure and Amazon Web Services (AWS) cloud environments, including the areas outlined below.
• Identity and access management (Microsoft Entra ID/Azure AD; AWS IAM), including least-privilege design, role-based access control, and privileged access governance.
• Key management and encryption (Azure Key Vault; AWS Key Management Service (KMS)), including certificate/secret lifecycle management and encryption at rest and in transit.
• Security logging, monitoring, and alerting (Azure Monitor and Microsoft Sentinel; AWS CloudTrail and Amazon CloudWatch), including centralized log collection and correlation.
• Network security controls (Azure Network Security Groups (NSGs) and Azure Firewall; AWS Security Groups and Network ACLs (NACLs)), including segmentation and ingress/egress control.
• Cloud security posture management (CSPM) and configuration assessment (Microsoft Defender for Cloud; AWS Security Hub and AWS Config), including policy evaluation and remediation tracking.
• Threat detection and response (Microsoft Sentinel; Amazon GuardDuty), including triage, investigation support, and incident escalation.
• Demonstrated familiarity with cloud networking concepts and core services in Azure and AWS (e.g., Azure Virtual Networks (VNets) and AWS Virtual Private Clouds (VPCs), routing, private connectivity, and network segmentation).
• Experience with Windows and Linux operating systems, databases, and security capabilities.

Nice To Haves

• Current SANS, ISC2, and/or other security certifications preferred.
• Familiarity with Azure Kubernetes Service (AKS), including cluster security fundamentals (RBAC, network policies, and secrets management).
• Demonstrated automation capability through scripting (e.g., PowerShell and Python) to support security operations, reporting, and repeatable engineering deployments.

Responsibilities

• Lead the research, analysis, design, testing, implementation, and operations of enterprise security engineering solutions to meet Firm requirements.
• Participate in the evaluation, development, implementation, and communication of security standards, procedures, and guidelines for multiple platforms and diverse systems environments.
• Evaluation of new and existing security technologies.
• Provide technical expertise and support to clients, IT management, and staff in the implementation of security/protection technologies in relation to network, systems, and applications.
• Function as a security expert resource (SME) to management and staff in all phases of the development and implementation of projects.
• May lead projects and provide guidance/training to less experienced staff.
• Provide technical assistance in the validation and evaluation of security alerts or incidents.
• Performs issue and problem resolution and general security operations support.
• Assists with security-related investigations and incident response activities and provides system forensics and investigative services.
• Provide periodic “on call” support of security operations during non-business hours.
• Review change requests from a security perspective, understand and determine associated risk levels and make recommendations for approval or denial based on the risk presented.
• Ability to understand, prioritize and complete tasks by working independently or in a team.
• Assist in the growth and development of the incident response team to act quickly and accurately during emergency situations.
• Participate in the development and delivery of an information security awareness program.
• Approaches all problems, projects, and incidents with a prominent level of professionalism, objectivity and an open mind to innovative ideas and solutions.
• Analyzes and identifies areas where automation can be used in the deployment of modern technology to support effective resource management.
• Maintain knowledge of vendor products, services and security technologies and recommend/implement their use.
• Expected to maintain a regular and predictable work schedule and full attention to and engagement in work activities on behalf of the firm during business hours unless otherwise approved or required by applicable law.
• Special projects and duties as assigned.

Benefits

• comprehensive medical (PPO and HDHPs), dental and vision plans including coverage for domestic partners
• life and AD&D insurance
• short and long term disability insurance
• tax-advantaged accounts for health care expenses, including FSAs and HSAs
• FSAs for dependent care
• health advocacy services
• behavioral health and counseling resources for all family members
• 401(k)
• profit sharing
• backup dependent care
• senior care planning support
• resources for individuals with development disabilities and their caregivers
• paid holidays and other paid time off, including paid leave for new parents