Senior Security Engineer

About The Position

Requirements

• One or more industry-recognized certifications, such as CompTIA Security+, AWS/Azure Security, GIAC certifications or equivalent
• Hands-on experience with network and perimeter solutions like firewalls, VPNs, segmentation, and secure remote access
• Strong working knowledge of risk management frameworks (NIST, ISO, and CIS) and regulatory requirements for HIPAA compliance
• Proven experience designing, implementing, and operating SIEM and security detection capabilities
• In-depth knowledge of IAM architectures, authentication, authorization, and access governance
• 5+ years of experience in detection and response engineering, incident response, or security architecture
• Bachelor's degree or equivalent work experience in Information Technology, Cybersecurity, or a related discipline

Responsibilities

• Research, deploy, configure, optimize, and troubleshoot security tools and platforms across the environment by applying least-privilege and zero-trust principles
• Design, implement, and maintain technical security controls, including RBAC, firewall rules, VPN configurations, email security controls, and data access and movement protections
• Implement and optimize identity and access management controls, including RBAC, just-in-time access, and privileged access monitoring
• Own the lifecycle and maturity of security tooling by documenting product roadmaps, identifying capability gaps, and driving continuous improvement aligned with security best practices
• Develop and implement practical remediation solutions for identified security gaps, improving system hardening and configuration standards across infrastructure and applications
• Perform hands-on system and control assessments to validate control effectiveness, proactively identify weaknesses, and recommend technical improvements
• Partner with Infrastructure and Product teams to architect and implement secure solutions for cross-functional initiatives and new technology deployments
• Build, operate, and continuously enhance a SIEM platform, including log ingestion, normalization, correlation rules, and alerting aligned to the MITRE ATT&CK framework
• Deploy, operate, and maintain vulnerability scanning tools and agents while analyzing findings and working with stakeholders to tune vulnerability identification
• Support incident response investigations through log analysis, containment support, root cause analysis, and post-incident improvements to detection and prevention controls
• Hands-on experience implementing email, endpoint, and data protection controls, along with vulnerability management practices, including scanning, agent deployment, and remediation validation
• Adaptability and resiliency in an evolving environment
• Excellent analytical, written, and verbal communication skills with the ability to influence decision-making across technical and non-technical audiences