Sr. Security Engineer

The Greenbrier Companies | Lake Oswego, OR
2d | Onsite

About The Position

The Senior Security Engineer leads and advances enterprise security programs across endpoint detection and response, vulnerability management, cloud security, and incident response. This role leverages the Microsoft security ecosystem to protect a large, global environment and serves as a technical leader and mentor within the security team.

Requirements

  • 5+ years of hands-on experience in enterprise cybersecurity engineering or security operations.
  • Deep expertise with Microsoft Defender for Endpoint (MDE), Intune, and the broader Microsoft 365 Defender suite, or comparable enterprise solutions.
  • Demonstrated experience leading or significantly contributing to enterprise vulnerability management programs.
  • Proficiency with KQL for threat hunting, detection engineering, and security analytics.
  • Strong experience with Azure security, including familiarity with CIS Benchmarks, MCSB, Azure IAM, and Azure Security Center/Defender for Cloud.
  • Experience with ServiceNow (VR or SecOps) or comparable ITSM/ticketing platforms.
  • Proven ability to work independently, manage multiple initiatives, and drive programs to completion in complex enterprise environments.
  • Excellent written and verbal communication skills, with the ability to translate technical findings for non-technical audiences.

Nice To Haves

  • Microsoft certifications such as AZ-500 (Azure Security Engineer Associate) or SC-200 (Security Operations Analyst).
  • Experience with additional EDR platforms such as SentinelOne, Carbon Black, or Tanium.
  • Familiarity with Rapid7 or comparable vulnerability scanning platforms.
  • Scripting or automation experience, particularly PowerShell or KQL-based automation workflows.
  • Relevant certifications such as CompTIA Security+, CISA, or CISSP.
  • Experience with OT/ICS security environments.
  • Background in security program management, process design, or Lean Six Sigma methodologies.
  • Prior military service or experience holding a U.S. security clearance.

Responsibilities

  • Manage and optimize the enterprise Microsoft Defender for Endpoint (MDE) deployment across a large global endpoint fleet.
  • Develop and maintain baseline security policies, Attack Surface Reduction (ASR) rules, and asset tagging strategies within MDE and Microsoft Intune.
  • Drive MDR operations including alert triage, threat hunting using KQL advanced hunting queries, and continuous improvement of detection coverage.
  • Evaluate, integrate, or retire supplementary EDR/AV tooling to ensure a cohesive, effective endpoint protection program.
  • Own the enterprise vulnerability management program end-to-end, from scanning and prioritization through remediation tracking and reporting.
  • Integrate vulnerability data with ServiceNow VR or equivalent ITSM platforms to drive structured remediation workflows.
  • Build and maintain operational and executive dashboards that communicate risk posture and remediation progress to stakeholders.
  • Collaborate with IT and engineering teams to achieve and sustain critical and high vulnerability compliance targets.
  • Act as a senior contributor during cyber incident response, serving in roles including incident lead, SOC analyst, and threat intelligence.
  • Conduct ongoing security investigations, manage tickets, and provide on-call after-hours incident support as needed.
  • Leverage Microsoft Sentinel and MDE for detection engineering, SIEM tuning, and security operations workflow improvements.
  • Contribute to the development and maintenance of IR playbooks, runbooks, and lessons-learned documentation.
  • Assess and improve Azure security posture by maintaining alignment to CIS Benchmarks and Microsoft Cloud Security Benchmark (MCSB).
  • Monitor and drive improvements to Azure Secure Score, establishing regular reporting and remediation cadences with stakeholders.
  • Support Azure IAM governance, including reviewing role assignments, enforcing least-privilege principles, and remediating over-permissioned identities.
  • Collaborate with cloud and infrastructure teams on secure Azure Landing Zone design and control implementation.
  • Lead software security review processes, assessing new and existing software for risk, reputation, and vulnerability exposure.
  • Build and maintain automated investigation workflows using MDE advanced hunting and other tools to accelerate software approval decisions.
  • Author and maintain enterprise security assessment playbooks and standards to ensure consistent, repeatable review processes.
  • Function as a de facto technical project manager for enterprise security initiatives, coordinating across IT, engineering, compliance, and business stakeholders.
  • Mentor junior engineers, analysts, and interns, supporting their growth and progression into security careers.
  • Effectively communicate security risk and program status to both technical peers and executive leadership.
  • Work with outside partners and vendors and manage those relationships to accomplish goals, holding outside partners to SLAs and standards of work.