Security Engineer - Identity and Endpoint security

About The Position

Requirements

• 3–5 years in an IT security, security operations, or systems administration role
• Hands-on experience with Microsoft Entra ID (formerly Azure AD) — including Conditional Access, MFA, and identity governance
• Working knowledge of CyberArk or a comparable privileged access management (PAM) solution
• Familiarity with Microsoft XDR or Defender products (Defender for Endpoint, Defender for Identity, Defender for Office 365)
• Demonstrated ability to write scripts or automation — PowerShell, Python, KQL, or similar
• You can explain a security incident clearly to a non-technical audience without losing the important details
• You're comfortable owning problems — you follow through from identification to resolution
• You think about security at scale and look for ways to build processes that don't require constant human intervention
• You're collaborative — you work well across IT, engineering, and business teams
• You stay curious about how attackers think and keep up with the evolving threat landscape

Nice To Haves

• Experience with Microsoft Sentinel or similar SIEM/SOAR platforms
• Familiarity with cloud security concepts in Microsoft Azure or M365 environments
• Exposure to security frameworks such as NIST, CIS Controls, or MITRE ATT&CK
• Relevant certifications (SC-200, AZ-500, CyberArk Defender, CompTIA Security+)
• Experience supporting a security awareness or phishing simulation program

Responsibilities

• Manage and monitor our identity platform (Microsoft Entra ID) — including user access, privileged accounts, and authentication policies
• Support the administration and day-to-day operations of CyberArk for privileged access management, including vault configurations, session monitoring, and access reviews
• Partner with IT and engineering teams to enforce least-privilege access and improve identity hygiene across the environment
• Investigate identity-related alerts, unusual sign-in activity, and potential account compromises
• Work within Microsoft XDR (Defender suite) to monitor, triage, and respond to security alerts across endpoints, email, and cloud workloads
• Investigate security incidents end-to-end — from initial alert through containment, remediation, and lessons learned
• Tune detection rules and policies to reduce noise while ensuring meaningful threats don't slip through
• Collaborate with the broader security team on incident response exercises and tabletop scenarios
• Build and maintain automation workflows to reduce repetitive manual work — think automated alert enrichment, provisioning/deprovisioning, reporting, and access reviews
• Use scripting (PowerShell, Python, or similar) to develop tools that improve the team's speed and effectiveness
• Identify areas where manual processes can be streamlined and take ownership of making them better
• Contribute to the development of runbooks, playbooks, and standard operating procedures

Benefits

• Incentive Plan bonus eligibility
• Health, dental and vision insurance
• Savings and Investment Plan with Company match and contribution
• Paid Time Off (includes paid sick time)
• 11 Paid Holidays
• Life Insurance, AD and D Insurance and STD/LTD
• Tuition reimbursement, adoption assistance for eligible employees
• Employee recognition program