Security Engineer (Senior Level)

Ntiva, Inc.

6d•$81,000 - $120,000•Hybrid

About The Position

At Ntiva, we’re more than a Managed Services Provider, we’re a community dedicated to helping each other, our clients, and their businesses thrive both personally and professionally. Ntiva is a culture of people who are passionate about the work…and each other. Our clients view us as an essential part of their teams, relying on us for strategic guidance, fast solutions to complex challenges, and proactive support. With strategic locations across the U.S. and leadership from our founder, Steven Freidkin, we’re on the front lines of a fast-paced industry, facing cybersecurity threats and rapid technology changes together. As a Senior Security Engineer, you serve as the senior technical advisor for high-risk security remediation, planned security infrastructure changes, and limited post containment recovery for GovCon clients. You are responsible for performing risk based technical analysis, sequencing recommendations, and clearly defining change guardrails that protect system stability, compliance posture, and service margins. This role owns engineering judgment and technical recommendations, not just implementation. You are expected to identify unsafe or insufficiently defined work, recommend delays when requirements are not met, and ensure all changes include clear success, validation, and rollback criteria.

Requirements

5+ years of experience in Security Engineering, Infrastructure Engineering, or Systems Engineering, with ownership of high impact changes.
Demonstrated authority executing availability impacting security changes using disciplined rollback and validation practices.
Strong working knowledge of firewalls, network security devices, and firmware lifecycle management.
Experience with configuration hardening for Windows and Linux servers.
Solid understanding of identity, endpoint, and network security controls, including the use of compensating controls.
Experience leading post incident technical recovery following MSSP/SOC containment, including stabilization and determination of steady state.
Experience supporting GovCon or compliance driven environments.
Ability to partner effectively with internal teams, vendors, and client stakeholders.
Strong problem-solving skills with emphasis on stability, predictability, scope enforcement, and verified closure.
Ability to operate under pressure with a tactful, professional demeanor.
Ability to communicate professionally, in English, both written and orally.
Ability to write business correspondence and process procedures.
Ability to effectively present information and respond to questions from groups of managers, clients, and the general public.
U.S. citizenship due to federal government contract obligations and access to secured information systems.

Nice To Haves

Experience supporting GovCon or compliance driven environments (CMMC, DFARS, ITAR, NIST 800171 preferred).

Responsibilities

Provide senior level technical recommendations and execution guidance for high-risk remediation and availability impacting security changes.
Analyze and recommend change sequencing, blast radius reduction strategies, rollback feasibility, and validation requirements.
Require defined success criteria and rollback plans prior to execution; formally recommend delay or redesign when requirements are insufficient.
Execute approved proactive security remediation requiring advanced engineering judgment or infrastructure changes.
Perform approved, availability impacting security changes including firewall, firmware, and network security updates.
Implement configuration hardening and security control changes across servers, endpoints, and network infrastructure.
Serve as the senior technical lead for post containment recovery, guiding environments back to a validated steady state following MSSP/SOC containment.
Coordinate technical recovery activities across company stakeholders, and third-party vendors to prevent uncontrolled rebuild work.
Validate remediation outcomes against defined technical success criteria and confirm verified closure of findings.
High‑impact and high‑risk remediation requiring senior engineering analysis and judgment.
Planned firewall, firmware, and infrastructure security updates on an approved cadence.
Availability‑impacting security changes executed with defined rollback and validation steps.
Post‑containment recovery technical leadership for: Business Email Compromise (BEC), Malware mitigation/removal (non‑ransomware), Foreign or impossible login events (nonforensic).
EDR agent deployment, health monitoring, and lifecycle management across all endpoints and servers.
EDR Policy configuration, tuning, and optimization aligned to GovCon risk profiles.
Implementation, and maintenance of web filtering security policies.
Review and investigation of web filtering security events.
Review and actioning of MDR threat intelligence and recommendations to enhance client environments.
Participation in quarterly client security posture reviews to assess risk trends and control effectiveness.
Review of DLP policies and tuning to reduce false positives while maintaining protection efficacy.
Review and update of Microsoft Sentinel data connectors.
Other duties as assigned.

Benefits

Medical, Dental and Vision coverage for employee and family
401k + company-matched contributions 4% match on 5% contribution - no vesting period! (Employee and Company contribute after 90 days)
Group Term Life and Accidental Death and Dismemberment coverage (company provided)
Short-Term (voluntary enrollment) and Long-Term Disability coverage (company provided)
Health Savings Account (HSA) Options / PPO Options
Employee Assistance Program
Paid Time Off (PTO) + Volunteer Time Off (VTO) + 8 Paid Holidays + 3 Floating Holidays
Education Reimbursement Program
Generous Employee Referral Program - cash bonus for successful referrals!
Dynamic Recognition and Rewards
Clear Promotion and Advancement Tracks
Work with Industry-Leading Talent