Staff Security Engineer

Red Cup IT, Inc.
Los Angeles, CA
7d

About The Position

We are looking for a Staff Security Engineer at a Managed Service Provider (MSP). This is a high-level technical leadership role. Unlike a standard Security Engineer who might focus on a single organization’s perimeter, a Staff Engineer at an MSP must design, oversee, and scale security solutions across hundreds of diverse client environments. They act as the "architect-in-chief," balancing deep technical execution with high-level strategy and mentorship.

Core Responsibilities

At the Staff level, the focus shifts from "doing the work" to "defining how the work is done" across the entire MSP fleet.

Requirements

  • A Staff Engineer is expected to have 8–12+ years of experience in IT and Security.
  • Mastery of EDR/XDR, SIEM (e.g., Sentinel, Splunk), Firewalls (Fortinet, Palo Alto), and Identity (Azure AD/Entra ID).
  • Deep knowledge of cloud-native security tools and Zero Trust architecture.
  • Proficiency in Python or PowerShell for API integrations and security automation.
  • Ability to explain "zero-day" risks to non-technical business owners (CEOs/CFOs).

Nice To Haves

  • CISSP (highly preferred), CISM, CCSP, or advanced provider certs (AZ-500, PCNSE).

Responsibilities

  • Security Architecture & Strategy
      • Scalable Standard Operating Procedures (SOPs): Design security baselines (NIST, CIS, or ISO 27001) that can be applied to clients ranging from small dental offices to mid-market enterprise firms.
      • Tooling Selection: Evaluate and select the "MSP Stack"—SIEM/MDR platforms, EDR/XDR solutions, and automated vulnerability scanners—ensuring they support multi-tenancy.
      • Product Development: Partner with the Product or Sales teams to build new "Security-as-a-Service" offerings (e.g., vCISO services or Managed Phishing Simulation).
  • High-Level Technical Leadership
      • Tier 4 Escalations: Act as the final point of escalation for complex security breaches or persistent threats that Tier 1–3 analysts cannot resolve.
      • Automation & Scripting: Write advanced scripts (Python, PowerShell, Bash) to automate threat hunting and remediation across thousands of endpoints simultaneously.
      • Cloud Security Mastery: Secure multi-cloud environments (Azure, AWS, GCP) for clients, ensuring proper identity management (MFA/Conditional Access) and data encryption.
  • Mentorship & Governance
      • Team Upskilling: Mentor Junior and Senior Engineers, conducting code reviews and architectural deep-dives.
      • Compliance & Auditing: Lead clients through regulatory audits (HIPAA, GDPR, PCI DSS) and ensure the MSP itself remains compliant (SOC2).