Staff Engineer - Cybersecurity

About The Position

Requirements

• 7+ years of hands-on experience in security engineering roles.
• 2+ years of hands-on experience in software engineering.
• Strong understanding of security principles, software development, IAM, networking, and application security.
• Demonstrated ability to influence technical direction across teams and mentor other engineers.
• Strong problem-solving, communication, and documentation skills.
• Proven ability to collaborate with and influence cross-functional technical teams.
• DevOps methodologies and principles (CI/CD pipelines, Infrastructure as Code, GitOps)
• Vulnerability Management platforms (Qualys, Rapid7 InsightVM, Tenable)
• EDR platforms (Microsoft Defender for Endpoint, CrowdStrike, SentinelOne)
• Compliance frameworks (PCI DSS, SOX, NIST, CIS 18)
• DLP solutions (Microsoft Purview, Symantec, Trellix)
• Large Language Models (LLMs) and prompt engineering applied to security workflows
• Extensive hands-on experience with:
• Microsoft security platforms (Sentinel, Defender, Entra ID, Purview)
• SIEM platforms (Microsoft Sentinel, Splunk, Rapid7) including detection engineering and analytics rule development
• Security automation (SOAR, CI/CD, IaC) and building automated response playbooks
• Python, REST APIs, and data formats (JSON, CSV, XML)
• Azure and AWS cloud environments, including cloud-native security controls
• Linux and Windows administration

Nice To Haves

• ISC(2): CISSP, CISM, CCSP
• AWS Certified: Security – Specialty, Solutions Architect Associate
• Microsoft Certified: Azure Security Engineer Associate, Identity and Access Administrator Associate, Security Operations Analyst Associate
• Cisco Certified: CCNA, CCNP
• HashiCorp Certified: Terraform Associate
• Offensive Security: OSCP, OSCE

Responsibilities

• Microsoft Security Ecosystem Integration: Partner with Identity and Endpoint teams to drive ≥ 90% coverage of Conditional Access and PIM enforcement. Guide the deployment strategy for Microsoft Defender capabilities to reach ≥ 95% of eligible assets. Oversee the architectural integration of Sentinel with core telemetry sources to enable high-fidelity detection and response coordination.
• SIEM, SOAR, and SecOps Effectiveness: Champion automation initiatives to reduce mean time to detect (MTTD) and respond (MTTR) by ≥ 30% through improved correlation and playbook design. Lead the design of SOAR workflows to automate ≥ 60% of repetitive tasks, partnering with SecOps for implementation. Drive the strategy for improving signal-to-noise ratio by guiding the tuning of detections based on threat trends.
• Hybrid Cloud Security Posture and Resilience: Define and guide the adoption of policy-as-code guardrails for cloud and on-premises infrastructure. Drive the strategy for hybrid telemetry integration and posture monitoring to enable faster risk identification. Partner with engineering and infrastructure teams to prioritize and track the remediation of high-risk misconfigurations and vulnerabilities.
• Technical Leadership and Security Influence: Champion the adoption of security engineering standards, reference architectures, and implementation patterns across teams. Represent security in architectural decision-making as a trusted technical authority, influencing major technology initiatives. Mentor engineers and elevate team capabilities through coaching, design reviews, and sharing operational best practices.