Sr. Security Engineer

About The Position

Requirements

• The Senior Security Engineer should hold a bachelor's degree in Computer Science, Cybersecurity, or a related field, with a master's degree preferred.
• A minimum of five years of experience in security engineering, particularly focused on cloud environments, is required.
• Prior hands-on experience with Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), and other cloud-native security tools, along with a strong understanding of major cloud platforms such as AWS, Azure, and Google Cloud Platform (GCP) and their associated security services is essential.
• Demonstrated expertise in incident response activities and proficiency in scripting and automation using tools such as Python or PowerShell.
• A solid familiarity with frameworks including NIST CSF, MITRE ATT&CK, ISO 27001, and CIS Benchmarks, along with the ability to align the organization's security program with these frameworks is essential.
• Relevant certifications such as CISSP, CCSP, AWS Security Specialty, or GIAC are highly desirable.

Nice To Haves

• Preferred skills include experience with Zero Trust architecture, strong analytical and communication capabilities, effective project management skills, and the ability to mentor junior analysts and engineers while leading cross-functional security initiatives.

Responsibilities

• Reviews secure cloud architectures across AWS, Azure, and/or GCP, identifies risks, and provides recommendations.
• Develops and enforces cloud security policies, standards, and best practices.
• Drives end-to-end execution of diverse security projects including: Identity & Access Management (IAM) enhancements. Endpoint Detection & Response (EDR) deployments. Network segmentation and Zero Trust implementations. Security automation and orchestration initiatives. System hardening and baseline creation, implementation, and auditing.
• Evaluates and implements new security technologies and tools to strengthen the enterprise security posture.
• Monitors and analyzes security events using SIEM and other detection platforms.
• Leads investigations and coordinates response efforts for security incidents.
• Develops and maintains incident response runbooks and conducts regular tabletop exercises.
• Evaluates existing security posture and provides risk-based recommendations for improvement.
• Supports internal and external audits, risk assessments, and compliance initiatives (e.g., NIST, ISO 27001, SOC 2).
• Maintains documentation for security controls and processes.
• Collaborates with governance and risk teams to align technical controls with policy requirements.
• Leads deployment and tuning of DLP and CASB solutions to safeguard sensitive data across endpoints, cloud services, and email platforms.
• Monitors and responds to data exfiltration attempts and policy violations.
• Conducts regular reviews of data access and usage patterns to identify anomalies.