Senior Cybersecurity Engineer

About The Position

Requirements

• 5+ years in security engineering, with hands-on responsibility for implementing controls across identity, network, cloud, endpoint, and/or monitoring.
• Strong fundamentals in IAM, network segmentation, encryption / key management, and centralized logging / monitoring.
• Experience with at least one major cloud platform (Azure, AWS, GCP) in a security-engineering capacity.
• Ability to produce clear architecture documentation, runbooks, and decision records that hold up under audit and peer review.
• Excellent written and verbal communication; able to explain tradeoffs across Security, IT, and delivery audiences in plain language.
• Comfortable mentoring less senior engineers and owning quality-of-output for one or more domains.

Nice To Haves

• Regulated-environment experience (CMMC, NIST 800-171, NIST 800-53, FedRAMP-aligned, SOC 2, ISO 27001, HIPAA, PCI).
• Infrastructure-as-code experience (Terraform, Bicep, Pulumi) and policy-as-code (Sentinel, OPA).
• Security tooling integration experience (SIEM, EDR, vulnerability scanning, IAM, secrets management).
• Industry certifications (one or more): CISSP, CCSP, GIAC (e.g., GCED, GPEN, GCWN), AZ-500, AWS Security Specialty.
• Experience supporting a SOC’s detection/response engineering needs.
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field — or equivalent applicable years of experience

Responsibilities

• Own the operational health of one or two engineering domains (identity, network/segmentation, cloud security baselines, monitoring/logging, encryption/key management, endpoint, vulnerability management, configuration management). Keep them measurably healthy and improving.
• Lead initiatives that span Security, IT, Identity, Cloud Operations, and delivery teams — controlled rollouts, control set hardening, tool migrations. Land them without breaking production.
• Design new control patterns and reference architectures. Write the decision records, runbooks, and standards the team executes against and the auditors review.
• Lead the end-to-end deployment of new control sets (e.g., bringing a new EDR online, hardening a new cloud account, standing up new logging pipelines) — pilot, measure, expand, document.
• Pair with Mid and Associate engineers, run design reviews, give substantive code/config review, and grow the next tier. Quality of output from less senior engineers is part of your scope.
• Be the senior partner Cloud Ops, Identity, IT Service Management, GRC, and the SOC call when they need security engineering input. Solve problems with them, not at them.
• Partner with Detection Engineering and the SOC on logging coverage, telemetry quality, and the engineering pieces of response (privileged access tooling, isolation capabilities, evidence capture).
• Produce control evidence and architecture documentation that holds up under audit and peer review. Keep your domains’ evidence map current.
• Push toward repeatable, codified controls (IaC, policy-as-code, automated evidence collection) instead of one-off manual work.

Benefits

• Medical, Dental, and Vision Insurance on the first day of employment
• Flexible Spending Account and Dependent Care Account
• 401k with Profit Sharing
• 9+ holidays and discretionary time off structure
• Parental Leave – coverage for both primary and secondary caregivers
• Tuition Assistance Program and CPA support program with cash incentive upon completion
• Discretionary incentive compensation based on firm, group and individual performance
• Incentive compensation related to origination of new client sales
• Top rated wellness program
• Flexible working environment including remote and hybrid options