Security Engineer

About The Position

Requirements

• Securing and supporting cloud environments, particularly AWS, including services such as IAM, GuardDuty, CloudTrail, Security Hub, AWS Config, and KMS.
• Working with Microsoft security technologies including Entra ID, Conditional Access, Multi-Factor Authentication (MFA), Privileged Identity Management (PIM), Microsoft Defender, and Secure Score.
• Using security tools such as EDR, SIEM, vulnerability management, SOAR, CASB, or related technologies.
• Investigating security events, responding to incidents, and managing security risks across cloud and on-premises environments.
• Managing identity and access controls, including RBAC, PAM, SSO, and federation technologies such as SAML, OAuth, and OIDC.
• Supporting and securing Windows and Linux environments.
• Applying networking fundamentals including TCP/IP, DNS, VPNs, proxies, and firewalls to secure enterprise systems.
• Building automation and tooling using Python and/or PowerShell.
• Integrating systems through APIs and working with version control systems such as Git.
• Implementing or supporting data protection technologies such as Microsoft Purview, data loss prevention (DLP), classification, and information protection solutions.
• Approach security challenges with an engineering mindset and prefer pragmatic, effective solutions to unnecessary complexity.
• Look for opportunities to automate repetitive work through scripting, tooling, and emerging technologies, including AI-enabled security workflows.
• Have hands-on experience in security engineering, security operations, or DevSecOps, with a track record of monitoring, incident response, and risk reduction.
• Stay curious about evolving threats, cloud technologies, detection techniques, and emerging security trends.
• Communicate effectively across technical and non-technical teams and can clearly articulate security concepts to a variety of audiences.
• Are comfortable collaborating with engineers, infrastructure teams, and business stakeholders, and constructively challenging assumptions when needed.
• Take ownership of problems from investigation through resolution and enjoy working in a fast-paced, highly collaborative environment.

Nice To Haves

• We recognize that great candidates may not meet every qualification listed above. If you're excited about the role and believe you can contribute, we encourage you to apply.

Responsibilities

• Monitor daily security operations, identify threats, investigate alerts, and respond to incidents across cloud and on-prem environments.
• Maintain and tune security tools across AWS, Microsoft 365, endpoints, and network infrastructure.
• Strengthen Microsoft 365 and Entra ID security through Conditional Access, MFA, PIM, Defender for Endpoint/Identity/O365, and tenant configuration hardening.
• Implement and support data protection capabilities, including Microsoft Purview, sensitivity labels, DLP, and insider risk policies.
• Build and maintain security automation using Python and PowerShell, with a strong focus on reducing manual processes and improving detection and response.
• Integrate systems using APIs (Graph API, REST, etc) to enhance security workflows.
• Work with AI and our AI engineering teams to ensure the security of the environment
• Perform vulnerability assessments, review system configurations, and develop practical mitigation strategies.
• Conduct security reviews of systems, cloud workloads, and new technologies.
• Ensuring and assuring our security controls are effective and working as intended
• Lead or contribute to incident response activities including investigation, containment, communication, and remediation.
• Analyze logs, IOCs, and behavior patterns using SIEM tools and threat intelligence.
• Work closely with engineering, technology, and business teams to embed security best practices.
• Provide guidance on secure architecture, access controls, and identity management.
• Support user education and uplift security behaviors across the business.

Benefits

• discretionary bonus
• benefits package