SR. Cybersecurity Engineer

Sonny's Enterprises•Tamarac, FL

About The Position

The Senior Cybersecurity Engineer is responsible for establishing and operating cybersecurity controls across a fragmented technology environment spanning cloud infrastructure, enterprise applications, endpoint platforms, and customer-facing systems. This role will operate independently to identify, prioritize, and resolve the most critical security risks. Initial efforts will prioritize identity and access control, including the development of role-based access models, and targeted vulnerability reduction. Additional areas, including data protection and tooling optimization, will be expanded over time. This is a hands-on role focused on execution and risk reduction. The role is expected to prioritize and sequence work across identity, vulnerability management, incident response, and security tooling, focusing first on the highest-risk areas and expanding coverage over time rather than attempting to implement a fully mature security program immediately.

Requirements

5–8 years of hands-on cybersecurity experience across multiple domains such as identity and access, endpoint security, cloud security, or security operations.
Experience operating in mid-maturity or fragmented environments with mixed security tooling and unclear ownership.
Experience with Microsoft security and identity platforms, including Azure / Entra ID.
Experience with endpoint security and cloud security tools.
Familiarity with SIEM, logging, and managed detection and response (MDR) environments.
Working knowledge of network security concepts and controls.

Nice To Haves

Bachelor’s degree in Information Security, Information Technology, Computer Science, or a related field preferred.
Relevant certifications such as Security+, CISSP, Azure Security Engineer, or similar are a plus but not required.
Preferred experience supporting enterprise business systems and customer-facing platforms.
Preferred exposure to data protection capabilities such as DLP, classification, or information governance.
Preferred experience supporting environments with mixed device management and third-party service providers.

Responsibilities

Assess security risks across cloud, endpoint, network, and enterprise application environments.
Identify and prioritize the most critical risks, including access sprawl, cloud exposure, and unremediated vulnerabilities.
Focus efforts on high-impact risk reduction in prioritized areas of the environment.
Establish and enforce access request and approval processes across systems.
Define and implement practical access control standards across Azure/Entra ID and Enterprise business Systems and applications.
Develop and implement role-based access control (RBAC) models, beginning with core business roles and extending across systems.
Reduce over-permissioning and address fragmented access models.
Implement controls for contractor and vendor access.
Conduct access reviews and ensure remediation is completed.
Review and prioritize vulnerabilities identified across cloud, endpoint, and infrastructure environments.
Identify vulnerabilities that represent real business risk and focus remediation accordingly.
Drive remediation across infrastructure, Enterprise Applications, and Engineering teams.
Execute remediation directly where ownership is unclear or action is delayed.
Establish practical tracking and accountability for vulnerability remediation.
Act as the primary internal owner for security incidents and alerts.
Coordinate with external security monitoring and response providers and internal logging platforms.
Define and enforce severity levels and escalation paths.
Lead response to high-severity incidents and execute containment actions as needed.
Ensure incidents are actively managed and resolved across teams.
Own the effectiveness of security tooling across endpoint, cloud, network, and monitoring domains.
Improve configuration and effectiveness of existing tools in priority areas.
Identify gaps, overlaps, and opportunities for rationalization across the security stack.
Ensure tooling is aligned to risk reduction and not solely reporting.
Support the phased implementation of data protection capabilities, including data loss prevention and data classification.
Contribute to the development and refinement of policies and controls for sensitive data handling.
Assist in establishing processes for alert triage, escalation, and exception handling related to data protection controls.
Support investigations and information discovery activities as needed.
Collaborate with stakeholders to promote appropriate data handling practices and reduce risk over time.
Work across Infrastructure, Enterprise Applications, and Engineering teams to resolve security risks and vulnerabilities.
Drive accountability for remediation and control adherence without relying on formal authority.
Enforce security standards and remediation expectations across teams with executive backing.
Provide practical security input into system design, integrations, and platform changes across cloud and customer-facing systems.
Step in to resolve issues that lack clear ownership or stall across teams.