Lead Security Engineer IV

arrivia. Go far in the travel industry. Scottsdale, AZ

About The Position

At arrivia, we are on a mission to help people travel better and experience more. To support this mission, we are seeking a Lead Security Engineer (Level 4) to serve as a technical cornerstone for our corporate and product security posture. In this role, you will harden system boundaries, build advanced security tooling, and stay ahead of emerging threats. As a lead-level professional, you will act as a force-multiplier within the organization, mentoring less experienced staff and fostering a culture of security across our global workforce.

Requirements

  • 7+ years of dedicated experience in Security Engineering.
  • Professional certification required: CISSP or CCNP-Security.
  • Expert-level proficiency with Microsoft Defender, Microsoft Sentinel, Intune, CSPM, and Azure security services.
  • Significant experience with security and compliance tools, specifically Qualys and Microsoft Purview.
  • Bachelor's degree in MIS, Computer Science, Cybersecurity, or Engineering (or a minimum of 7 years in a dedicated IT Security position).
  • Deep technical knowledge of API Security Architecture and technologies (OAuth2, Spring Security, HMAC, WS-Security).
  • Comprehensive knowledge of security standards and guidelines, such as OWASP and CIS.
  • Significant experience in at least two application security domains, such as Secure Coding, Cryptography, or Penetration Testing.
  • Hands-on experience with AI projects, either in a professional or personal capacity.
  • Expertise in SIEM systems and network/web protocols (TCP, UDP, ICMP, IPSEC, HTTP, HTTPS).
  • Proven experience in incident management and threat remediation (isolation, identification, and eradication).

Nice To Haves

  • CISM or CISA certification is preferred but not required.
  • Strong understanding of ISO 27001/27701, HIPAA, PII, and PCI security principles.
  • Experience with Privileged Identity Management (PIM) tools such as Microsoft PIM, CyberArk, or Thycotic.

Responsibilities

  • Technical Leadership: Provide hands-on technical services to teams of specialists working on the integration of shared, centralized, and networked systems.
  • System Hardening: Manage the secure deployment and maintenance of critical security systems, including EDR, DLP, CASB, SIEM, and network anomaly detection.
  • AI Security Integration: Ensure responsible AI use by integrating security into the AI lifecycle and managing AI-related risks.
  • Threat Detection and Automation: Utilize AI/ML to automate the detection of malware, phishing, and unusual network behavior in real-time.
  • Research and Defense: Study new AI threats, such as prompt injection, and create innovative defensive techniques.
  • Vulnerability Management: Lead vulnerability identification efforts using tools like Qualys and Microsoft Purview to highlight configuration errors and patch requirements.
  • Incident Response: Serve as an active member of the incident response team, providing in-depth knowledge of security systems, exploits, and countermeasures for forensic analysis.
  • Collaboration: Offer technical security services to network, systems, and database administrators, translating complex technology issues into understandable language for all stakeholders.