Senior Information Security Engineer

About The Position

Requirements

• 8–10+ years of experience in information security, security engineering, or related technical fields.
• Deep knowledge of network security, cloud security (AWS, Azure), and identity security (IAM, SSO, MFA, Zero Trust).
• Hands on experience with SIEM, EDR/XDR, firewalls, vulnerability scanners, email security, and cloud native security tools.
• Strong understanding of threat detection, incident response, and forensics fundamentals.
• Proficiency in scripting/automation (Python, PowerShell).
• Familiarity with secure development practices and common vulnerabilities (OWASP Top 10, SANS Top 25).
• Excellent communication and leadership skills.
• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or equivalent experience.

Nice To Haves

• Experience with security architecture frameworks and enterprise‑scale design.
• Background in threat intelligence, malware analysis, or red/blue team operations/tabletop exercises.
• Familiarity with compliance frameworks such as SOC 2, PCI‑DSS, HIPAA, or GDPR.
• Advanced certifications preferred: CISSP, GCIH, GCIA, OSCP, CCSP, Cloud security certifications (AWS/Azure/GCP).

Responsibilities

• Lead the design and implementation of enterprise‑grade security controls, including network security, cloud security, endpoint protection, and identity platforms.
• Architect secure solutions for new technologies, cloud migrations, and infrastructure modernization efforts.
• Evaluate and integrate advanced security tools, automation frameworks, and detection technologies.
• Oversee security monitoring, threat hunting, and incident response activities.
• Conduct deep‑dive investigations into complex security events and coordinate cross‑functional response efforts.
• Lead vulnerability assessments, penetration testing coordination, and remediation tracking.
• Develop and refine detection logic, playbooks, and response workflows.
• Perform and lead risk assessments, threat modeling, and security reviews for applications, systems, and vendors.
• Contribute to the development and enforcement of security policies, standards, and best practices aligned with frameworks like NIST, ISO 27001, and CIS.
• Partner with compliance teams on audits, regulatory requirements, and remediation plans.
• Drive continuous improvement of security processes, tooling, and operational efficiency.
• Manage and oversee security engineers at our MSP and serve as a subject‑matter expert across the organization.
• Foster collaboration between IT and business functions (e.g., Genomics & Bioinformatics, Finance, HR, etc.) to establish a culture of security.
• Communicate complex security issues to technical and non‑technical stakeholders, including leadership.

Benefits

• Blue Cross Blue Shield PPO Medical Plan
• company-funded Health Savings Account
• Dental and Vision Insurance
• Life and Disability Insurance
• Dependent Care Account
• Tuition Reimbursement
• 401(k) plan with company match
• Employee Assistance Plan
• Wellness Programs
• flexible Paid Time Off policy