Senior Information Security Engineer

About The Position

Requirements

• Eight (8) or more years of progressively responsible information technology experience, including at least four (4) years focused on cybersecurity or security operations.
• Hands-on SIEM operations experience; Sumo Logic experience strongly preferred.
• Hands-on EDR operations experience; CrowdStrike Falcon experience preferred.
• Working knowledge of NIST SP 800-171, CMMC Level 2, cybersecurity compliance frameworks, and security control implementation.
• Strong experience with Microsoft enterprise technologies, including Active Directory, Entra ID, Azure, Microsoft 365, and Intune.
• Experience with firewall administration, VPN technologies, network segmentation, and network troubleshooting.
• Privileged Access Management (PAM) administration experience.
• Scripting experience using PowerShell, Python, or similar automation tools.
• Professional cybersecurity certification such as Security+, CISSP, CISM, or equivalent.
• Strong written communication skills with the ability to create clear technical documentation, evidence packages, change records, and incident documentation.

Nice To Haves

• Experience supporting Defense Industrial Base (DIB) organizations or federal contractors.
• Experience supporting CMMC or NIST SP 800-171 compliance initiatives.
• CCSP, CISA, CCP, FedRAMP, or other advanced security certifications.
• Fortinet firewall administration experience.
• Experience supporting mergers and acquisitions integrations.
• Experience with insider risk management, AI governance, or related security initiatives.
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Responsibilities

• Managing and supporting enterprise security operations technologies to detect, investigate, and respond to cybersecurity threats and vulnerabilities.
• Monitoring, triaging, and responding to security alerts, incidents, identity risks, and endpoint threats in coordination with internal stakeholders and managed security partners.
• Supporting vulnerability and patch management activities, including risk assessment, remediation tracking, reporting, and continuous improvement of the organization's security posture.
• Administering privileged access management solutions and supporting access control, identity protection, and separation-of-duties requirements.
• Participating in incident response activities, including investigation, containment, remediation, documentation, post-incident analysis, and access reviews.
• Supporting and securing enterprise infrastructure environments, including cloud, endpoint, identity, collaboration, and directory services platforms.
• Managing and reviewing network security controls, including firewall administration, VPN technologies, network segmentation, and access management.
• Supporting cybersecurity compliance initiatives through technical control implementation, evidence collection, remediation activities, audit preparation, and ongoing compliance monitoring.
• Leading infrastructure and security projects from requirements gathering through implementation, testing, and documentation.
• Collaborating effectively with Information Technology staff, business stakeholders, managed service providers, and compliance partners to support organizational security objectives.

Benefits

• Employee Stock Ownership Plan (ESOP)
• Personalized career development
• Mentorship
• Employee wellness initiatives
• Health tracking tools