Security Engineer

About The Position

Requirements

• Minimum of 5 years of hands-on information security, security engineering, infrastructure security, cloud security, or related technology experience.
• Practical working experience with several of the following technologies or equivalent platforms: CrowdStrike, Tenable, AvePoint, BitSight, Palo Alto firewalls, AWS Security, Azure Security, Netskope, and Microsoft PKI.
• Strong knowledge of endpoint detection and response, vulnerability management, firewall and network security, cloud security, data loss prevention, secure web gateway/CASB/SASE, certificate services, and third-party cyber risk concepts.
• Experience supporting enterprise security tools in production environments, including implementation, configuration, monitoring, troubleshooting, upgrades, and operational lifecycle management.
• Strong understanding of Windows, Linux/UNIX, networking, DNS, DHCP, routing, authentication, identity and access management, and common enterprise infrastructure patterns.
• Ability to analyze security events, system logs, vulnerability data, firewall traffic, endpoint telemetry, and cloud security findings to identify risk and drive remediation.
• Experience developing or maintaining runbooks, procedures, standards, control documentation, dashboards, and operational metrics.
• Working knowledge of security frameworks and best practices such as CIS Controls, NIST Cybersecurity Framework, MITRE ATT&CK, OWASP, and defense-in-depth principles.
• Strong analytical, communication, collaboration, and problem-solving skills with the ability to work across local and remote teams.

Nice To Haves

• Automation or scripting experience is preferred, including Python, PowerShell, API integrations, or infrastructure-as-code/security-as-code approaches.
• Relevant certifications are a plus, such as CISSP, CCSP, AWS Security, Azure Security, GIAC, CrowdStrike, Palo Alto, Tenable, or other security/vendor certifications.

Responsibilities

• Engineer, administer, tune, and continuously improve enterprise security platforms including CrowdStrike, Tenable, AvePoint, BitSight, Palo Alto firewalls, AWS Security, Azure Security, Netskope, and Microsoft PKI.
• Provide Tier 2 to Tier 3 technical ownership for security tools, including platform configuration, policy management, health monitoring, upgrades, integrations, troubleshooting, and operational support.
• Design and implement security controls for endpoint protection, vulnerability management, cloud security, network segmentation, secure web access/CASB/SASE, email and collaboration security, data protection, certificate management, and third-party cyber risk monitoring.
• Partner with SOC and Incident Response teams to investigate alerts, validate detections, analyze logs, support containment and remediation, and improve alert fidelity and operational playbooks.
• Lead vulnerability management activities using Tenable and related processes, including scan coverage, prioritization, validation, exception handling, reporting, and remediation coordination with technology owners.
• Support cloud security posture across AWS and Azure by reviewing configurations, enforcing security standards, assisting with identity and access controls, and enabling secure cloud adoption.
• Manage network and perimeter security capabilities, including Palo Alto firewall policies, rule hygiene, traffic analysis, control validation, and change support.
• Administer endpoint security capabilities in CrowdStrike, including policy tuning, sensor health, detection review, response actions, and collaboration with endpoint and server teams.
• Support Netskope capabilities for secure access, cloud application visibility, DLP policy enforcement, web protection, and user activity investigation.
• Support AvePoint and Microsoft 365 security operations related to collaboration security, data governance, backup/recovery, and policy enforcement.
• Operate and improve Microsoft PKI services, including certificate lifecycle management, templates, issuance controls, renewal processes, and documentation.
• Maintain operational runbooks, standards, architecture diagrams, procedures, metrics, and evidence required for audit, regulatory, and internal governance needs.
• Evaluate emerging threats, security advisories, and vendor capabilities; recommend tactical and strategic improvements to strengthen the security control environment.
• Participate in after-hours support, incident response, and change windows as required.
• Perform other duties as assigned.

Benefits

• Annual discretionary bonus
• 401(k) plan with a generous match
• Recognition rewards
• Comprehensive benefits package
• Competitive healthcare options
• Insurance
• Disability benefits
• Employee stock investment program
• Learning resources
• Career development programs
• Reimbursement for certain education expenses
• Paid time off (vacation / holidays / sick / leave / parental & caregiving leave / bereavement / volunteering / floating holidays)
• Motivational wellbeing program
• Three weeks of PTO in your first year
• Competitive medical, dental, and vision insurance
• 401(k) plan with an 85% company match on pre-tax and/or Roth contributions, up to IRS limits
• Employee Stock Investment Plan (ESIP) with discounted share purchase opportunities
• Learning Education Assistance Program (LEAP)
• Opportunity to purchase company funds with no sales charge