Technology Risk - Security Engineer (Dallas, TX)

About The Position

Requirements

• At least eight-plus years’ experience in Windows platform security or a related role.
• Proficient with security configuration management tools
• Ability to influence technical teams, business units and collaborate to reduce attack surface.
• Capacity to comprehend complex technical infrastructure, identities, access controls and least privilege.
• Strong written and oral communication skills across varying levels of the organization.
• In-depth knowledge of Windows OS hardening (Workstations and Windows Servers).
• Experience with Group Policy (GPO), Security Baselines, and hardening Benchmarks.
• Experience with EDR/XDR platforms.
• Configuration of endpoint protection, threat hunting, and automated remediation.
• Experience with patch management and endpoint compliance / mobile device management tooling.
• Understanding of identity & access management solutions.
• Implementation of Conditional Access, Multi-Factor Authentication (MFA), and Privileged Identity Management (PIM).
• Understanding of authentication protocols (Kerberos, NTLM, SAML, OAuth, OpenID Connect).
• Experience with Single Sign-On (SSO) and identity lifecycle governance.
• Experience securing Windows Desktop deployments.
• Knowledge of provisioning policies, security baselines, and access controls for Windows Desktops.
• Experience with modern workplace productivity tooling on desktop
• Experience managing and securing enterprise browsers
• Configuration of browser policies, extension governance, and safe browsing controls.
• Strong understanding of networking fundamentals (TCP/IP, DNS, DHCP, VPN, firewalls).
• Experience with proxy and secure web gateway solutions.
• Knowledge of network segmentation, Zero Trust networking, and Secure Access Service Edge (SASE) concepts.
• Demonstrable experience securing cloud environments.
• Familiarity with network security groups (NSGs).
• Understanding of hybrid identity, RBAC, and cloud security posture management (CSPM).
• Experience managing security across both on-premises and cloud (hybrid) architectures.

Responsibilities

• Design, implement, and maintain security baselines and hardening standards across the Windows platform (client and server operating systems).
• Administer and optimize endpoint security tooling, including EDR/XDR, antivirus, and threat detection solutions.
• Manage Identity and Access Management (IAM) controls, including authentication, authorization, privileged access, and conditional access policies.
• Secure modern workplace solutions including Windows Desktops, productivity solutions, and enterprise browser deployments.
• Architect and enforce network security controls across on-premises and cloud environments, including proxy and web gateway solutions.
• Collaborate with Infrastructure, Cloud, and Cyber Defense teams to ensure consistent security posture across hybrid environments.
• Conduct vulnerability assessments and remediation planning.
• Apply security best practices to harden OSes, maintain secure configurations and reduce host attack surface.
• Draft security policies, standards and procedures.
• Contribute to technical and business discussions for security strategy with an emerging threat landscape.
• Design and develop for shared services, workflows and processes for on-premises and hybrid (on prem + cloud) solutions.
• Design for integrated security controls, workflows, data protection, authentication and authorization.
• Design security for monitoring, logging, IAM, encryption, data protection, detection and preventive controls.
• Advise and design with commercial and open-source security tools and controls.
• Stay up to date with cybersecurity threats, risks and vulnerabilities with potential impact on services.