Senior Cyber Security Engineer

The Senior Security Engineer plays a critical leadership role in securing the organization's IT operations and infrastructure across the enterprise. Reporting directly to the CISO, this role is responsible for implementing and maintaining advanced security technologies, identifying and mitigating threats, and supporting enterprise security initiatives. The Senior Security Engineer serves as a technical expert and advisor, helping to shape the security posture of the organization while aligning with business objectives and compliance requirements.

CORE RESPONSIBILITIES

Enterprise Infrastructure Security:

• Implement and maintain layered security defenses for servers, workstations, virtual environments, and remote access technologies.
• Collaborate with IT and DevOps teams to integrate security controls into system architecture and deployment pipelines.
• Monitor and enforce endpoint protection strategies, secure configuration management, and system patching.
• Evaluate and secure third-party services, SaaS integrations, and vendor platforms connected to enterprise infrastructure.

Security Architecture and Hardening:

• Create secure design blueprints for on-premise, hybrid, and cloud infrastructure deployments (AWS, Azure, GCP).
• Define and maintain technical baselines in accordance with CIS Benchmarks or NIST 800-53.
• Provide expert guidance on secure deployment patterns, encryption protocols, and segmentation strategies.
• Conduct architectural reviews and threat modeling for new projects and technology initiatives.

Threat Detection, Incident Response, and Remediation:

• Design and tune SIEM alerts, use cases, and playbooks to detect and respond to threats.
• Serve as escalation point for high-severity incidents; lead containment, eradication, and recovery activities.
• Perform root cause analysis and coordinate post-incident reviews with cross-functional teams.
• Leverage threat intelligence sources to proactively identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).

Policy, Compliance, and Audit Support:

• Collaborate with compliance and internal audit teams to prepare for regulatory and customer audits (e.g., SOC 2, ISO 27001).
• Maintain security policy documentation, standards, and procedures aligned with business needs.
• Support user awareness training, privileged access reviews, and data classification initiatives.
• Review and validate security control implementation across environments and projects.

Vulnerability Management and Risk Assessment:

• Manage enterprise-wide vulnerability scanning schedules, tool administration, and result interpretation.
• Partner with infrastructure and application teams to drive timely patching and risk mitigation.
• Assess emerging threats, misconfigurations, and weaknesses across cloud and on-prem systems.
• Maintain metrics and dashboards to report on risk posture, remediation progress, and SLAs.

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• 7+ years of experience in cybersecurity or IT infrastructure with increasing responsibility.
• 3+ years in a senior security engineering or architecture role, preferably within a large enterprise environment.
• Proven track record leading security initiatives, managing large-scale implementations, and responding to major incidents.
• Deep understanding of network security, cloud security (IaaS/PaaS/SaaS), and endpoint protection.
• Hands-on expertise with security tools including:
• SIEMs (e.g., Splunk, Microsoft Sentinel)
• EDR/XDR (e.g., CrowdStrike, Defender for Endpoint)
• Vulnerability scanners (e.g., Tenable, Qualys)
• Firewall and IDS/IPS management (e.g., Palo Alto, Cisco, Snort)
• Strong experience with identity and access management (IAM), privileged access management (PAM), and zero trust architectures.
• Familiarity with incident response frameworks, forensics, and threat intelligence tools.
• Solid knowledge of compliance frameworks: NIST 800-53, ISO 27001, CIS Controls, SOC 2.
• Required: At least one of the following:
  • CISSP (Certified Information Systems Security Professional)
  • GIAC (GSEC, GCIA, GCIH, or similar)
  • Microsoft Certified: Cybersecurity Architect or SC-100

• A master's degree or continued education in cybersecurity or business (MBA) is a plus.
• CEH, CISM, AWS/Azure Security Specialty, or OSCP