Senior Security Engineer

About The Position

Requirements

• Advanced experience with EDR/XDR platforms
• Identity security (MFA, Conditional Access, identity‑based threat detection)
• Email security and anti‑phishing controls
• SIEM/SOAR integration and detection logic
• Endpoint, cloud, and SaaS security fundamentals
• Vulnerability awareness and mitigation strategies
• Security incident response leadership
• Root Cause Analysis (RCA) and preventative remediation
• Security control effectiveness evaluation
• Detection tuning and alert optimization
• Cross‑functional collaboration in an MSP environment
• Strong ownership and accountability
• Calm, decisive response under pressure
• Risk‑based decision‑making
• Clear technical communication and influence without authority
• 5–8 years experience in security engineering, security operations, or SOC roles
• Demonstrated ownership of complex security incidents and security platform management
• Experience supporting multi‑tenant or MSP environments strongly preferred

Nice To Haves

• Microsoft SC‑200 (Security Operations Analyst) and/or SC‑300 (Identity & Access)
• CompTIA Security+, CySA+, CISSP, or equivalent
• Vendor security certifications (Defender, Sentinel, Fortinet, Sonicwall)
• Practical incident response or threat‑hunting training

Responsibilities

• Serve as senior escalation for complex security alerts, incidents, and platform issues
• Lead investigation, containment, and remediation of high‑impact security events
• Perform root cause analysis and drive preventative security improvements
• Design, implement, and tune security controls across endpoint, identity, email, and cloud platforms
• Develop deep expertise across all security platforms in use, with the ability to continuously tune, optimize, and maximize their effectiveness to improve detection accuracy, performance, and operational outcomes
• Validate effectiveness of security controls and detections across customer environments
• Reduce false positives and alert fatigue through tuning and continuous improvement
• Act as technical lead during security incidents, including coordination with NOC, Network, M365, and leadership
• Support incident impact analysis, recovery recommendations, and post‑incident reviews
• Contribute to the development and refinement of incident response playbooks
• Contribute to security standards, baselines, and reference designs
• Review proposed infrastructure, M365, and network changes for security alignment
• Partner with Security Architects on non‑standard or high‑risk designs
• Lead secure design decisions during project delivery
• Mentor members of the Service Team on tooling, response techniques, and best practices
• Raise the overall technical and operational maturity of the security function
• Share threat intelligence and security insights across teams

Benefits

• Shared group and health benefits
• Continuing Education Program