Senior Information Security Engineer
ANDMORE Careers•Atlanta, GA
•Hybrid
About The Position
ANDMORE is seeking a Senior Information Security Engineer who is a senior, hands-on security engineering leader responsible for translating CISO strategy into secure architecture, operational controls, automation, and measurable risk reduction. This role drives engineering outcomes across Microsoft security platforms, identity, cloud/network security, data protection, AI security, vulnerability management, detection, and incident response. This position partners cross-functionally with Infrastructure, IT Operations, Legal, HR, Finance, Compliance, business leaders, and external providers.
Requirements
- 7+ years in information security engineering, cloud security, or cybersecurity roles
- Deep expertise in Microsoft security stack (Sentinel, Defender, Entra ID, Purview, Azure)
- Experience with vulnerability management and risk-based prioritization
- Strong background in SOC/MSSP operations and incident response
- Knowledge of Azure security, identity governance, and compliance frameworks
- Experience with data protection tools (e.g., Purview DLP, labeling)
- Familiarity with AI security concepts and tools (e.g., Copilot environments)
- Understanding of NIST, ISO 27001, CIS Controls, and MITRE ATT&CK
- Scripting experience (PowerShell and/or Python)
Nice To Haves
- Security architecture and engineering leadership
- Microsoft security platform expertise
- AI, identity, and data protection governance
- Risk-based decision-making
- Automation and operational excellence
- Strong executive communication and cross-functional collaboration
Responsibilities
- Translate risk priorities into architectures, standards, reference implementations, and control designs
- Design and implement controls across Microsoft 365, Azure, Entra ID, endpoints, networks, SaaS, and cloud
- Conduct architecture reviews and document risks, mitigations, and exceptions
- Lead implementation and optimization of Purview (sensitivity labels, DLP, governance)
- Partner with cross-functional stakeholders to enforce data handling controls
- Manage rollout, testing, tuning, and effectiveness of data protection policies
- Serve as technical lead for AI security (Copilot, agents, integrations)
- Design safeguards for identity, data exposure, prompt injection, and monitoring
- Evaluate AI use cases and define security controls pre-deployment
- Engineer identity controls including MFA, conditional access, PIM, and governance
- Reduce privileged access risks and improve monitoring
- Strengthen lifecycle and access governance processes
- Own MSSP SOC relationship and improve monitoring and response capabilities
- Enhance detection quality across endpoints, identities, and cloud environments
- Lead incident response support and post-incident improvements
- Oversee vulnerability lifecycle (discovery, prioritization, remediation, reporting)
- Apply risk-based prioritization using threat intelligence and asset criticality
- Partner with technical teams to improve configurations and remediation timelines
- Lead Azure security engineering and establish secure baselines
- Evaluate new technologies and vendors for risk and compliance
- Strengthen network segmentation, remote access, and monitoring
- Build automation using PowerShell, Python, Microsoft Graph, and Logic Apps
- Develop repeatable processes for audits, reporting, and control validation
- Mentor teams and communicate technical concepts to executive audiences
Benefits
- Hybrid flexibility with a strong connection to our Atlanta campus or Las Vegas Campus dependent on location
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
