Senior Security Engineer

KSM•Indianapolis, IN

12h

About The Position

We’re KSM, one of the top 50 largest independent advisory, tax, and audit firms in the United States. But more than our size, it’s our people and culture that set us apart. We believe great things happen when people are supported, challenged, and given the freedom to do their very best work. That’s why we’ve built a workplace where your career and personal life can thrive together – where you have the flexibility to manage your time, the resources to grow, and a team that genuinely cares about your success. We’ve been employee-owned since 2001, giving every team member a stake in our collective success. This ownership mentality fosters a culture of collaboration, curiosity, and excellence – where new ideas are welcomed, different perspectives are valued, and you’re encouraged to explore what excites you most. Whether you’re expanding your skills, tackling new challenges, or making an impact beyond the office, we provide the resources and support to help you grow in the direction that’s right for you. At KSM, your contributions matter – not just to the firm, but to your colleagues, clients, and the communities we serve across the U.S. If you’re looking for a place where you can do meaningful work, build lasting relationships, and grow in ways that align with what’s most important to you, we’d love to meet you.

Requirements

6+ years of hands-on experience in security engineering, cloud security, or infrastructure security roles
Strong practical experience securing AWS environments, including networking, compute, and managed services
Deep understanding of identity and access management, least privilege principles, and credential hygiene
Demonstrated experience triaging security alerts and leading technical investigation of security incidents
Proven ability to remediate security findings and validate fixes across cloud and application environments
Experience implementing security controls within CI/CD pipelines and infrastructure-as-code workflows
Ability to operate independently, prioritize effectively, and own issues from detection through resolution
Strong written and verbal communication skills with the ability to explain risk and remediation clearly to both technical and non-technical audiences

Nice To Haves

Experience improving detection quality by tuning alerts and reducing false positives
Experience leveraging native cloud provider security services to identify , investigate, and remediate risk across AWS and Azure environments, including but not limited to the following IAM Access Analyzer CloudTrail GuardDuty Security Hub AWS Config Azure AD sign-in logs and Activity Logs Defender for Cloud Service-level security controls
Prior experience collaborating closely with engineering and IT teams in production environments
Experience supporting compliance efforts such as SOC 2, HITRUST, or similar frameworks

Responsibilities

Own remediation of cloud, identity, and application security findings in partnership with engineering and IT teams
Design, implement, and maintain security controls across AWS, identity platforms, and CI/CD pipelines
Triage and validate security alerts and indicators of compromise
Lead technical investigation, containment, and recovery efforts for security incidents
Coordinate incident response with IT, engineering, and external partners as appropriate
Perform root cause analysis and drive preventative improvements to controls and processes
Improve detection quality by tuning alerts and reducing false positives
Support compliance efforts such as SOC 2 by providing clear, auditable technical evidence
Automate repeatable security tasks to reduce manual effort and operational friction
Document incidents, risks, remediation actions, and outcomes for both technical and leadership audiences
Act as a technical escalation point and mentor for security-related engineering questions