Senior Enterprise Security Engineer

About The Position

Requirements

• 7+ years of experience in cybersecurity engineering, systems engineering, infrastructure engineering, network engineering, or a related field
• Strong hands-on experience securing enterprise systems, identity platforms, endpoint environments, or SaaS applications
• Experience with Microsoft 365, identity and access management, SSO, conditional access, endpoint management, or endpoint security
• Hands-on experience with security operations concepts such as alert triage, incident response, EDR/XDR, logging, monitoring, or escalation workflows
• Strong understanding of least privilege, role-based access control, secure configuration, endpoint hardening, and enterprise security operations
• Ability to work directly with IT, operations, platform owners, business teams, and security leadership
• Experience working in regulated environments or environments with formal audit, compliance, or control requirements
• Self-motivated learner who proactively researches emerging technologies, security trends, and evolving threats without waiting for direction
• Ability to learn a new platform and quickly become proficient
• Strong written and verbal communication skills, including the ability to document technical decisions and explain security concepts clearly

Nice To Haves

• Experience supporting financial services, insurance, annuity, fintech, or other regulated environments
• Experience with Microsoft security tools, endpoint detection and response, SaaS security posture management, or identity governance platforms
• Experience coordinating with a Security Operations Center or managed detection and response provider
• Familiarity with frameworks and requirements such as SOC 2, ISO 27001, NAIC, NIST, or similar control frameworks
• Experience participating in incident response activities, tabletop exercises, or post-incident reviews
• Certifications such as CISSP, CISM, Security+, Microsoft security certifications, or other relevant security or infrastructure certifications
• Experience with automation, scripting, reporting, or configuration management to improve repeatability and control maturity

Responsibilities

• Implement, manage, and improve security controls across enterprise systems, identity platforms, endpoint environments, and SaaS applications
• Strengthen Microsoft 365 security, identity and access controls, endpoint controls, and SaaS security posture
• Configure and maintain secure settings across business-critical platforms supporting corporate, customer, advisor, and financial operations
• Help evaluate, implement, and mature security tooling that supports enterprise security operations
• Maintain documentation of security configurations, control decisions, and operational procedures
• Administer and improve identity and access controls aligned with least privilege principles
• Support SSO, conditional access, identity governance, access reviews, and access lifecycle processes
• Help secure endpoint environments using modern endpoint management and endpoint detection and response capabilities
• Support device compliance, endpoint hardening, policy tuning, and remediation of endpoint security findings
• Partner with IT and platform owners to ensure identity, endpoint, and SaaS security changes are implemented safely and consistently
• Interface with internal or external Security Operations Center resources to support alert triage, escalation, and tuning
• Participate as a member of the Incident Response Team
• Assist with investigation, evidence collection, containment, remediation, post-incident improvement, and root cause analysis
• Help improve detection capabilities through better alerting, logging, escalation paths, and operational workflows
• Coordinate remediation of enterprise security findings across IT, operations, and platform owners
• Help prepare the organization for Internal Audit, external audits, regulatory reviews, and control assessments
• Support security control implementation and evidence gathering for frameworks and expectations such as SOC 2, ISO 27001, NAIC, and other relevant standards
• Ensure security work is documented, repeatable, reviewable, and aligned with control requirements
• Follow change management processes and support appropriate review and approval of security configuration changes
• Partner with the Office of the CISO to prioritize enterprise security improvements and reduce operational risk
• Provide hands-on security architecture input for enterprise identity, endpoint, SaaS, and corporate technology decisions
• Identify security design gaps and recommend practical, implementable improvements
• Help define secure configuration patterns and operational guardrails for enterprise systems
• Collaborate with stakeholders to ensure security recommendations are realistic, actionable, and aligned with business needs
• Help ensure enterprise security controls are implemented, documented, monitored, and improved over time
• Help the Office of the CISO prepare for internal audit, external audit, regulatory reviews, and security control assessments by supporting evidence collection, remediation tracking, secure configuration, change management, and control documentation.

Benefits

• PTO
• health benefits
• career growth opportunities