Jobs · Information Technology · Washington

Cybersecurity Engineer

Trupanion · Seattle, WA · 1 wk ago
Information Technology$140k–$160k/yrFull-time

About the role

Company Description
Trupanion is a leading provider of medical insurance for cats and dogs in North America. Our mission is to help loving, responsible pet owners budget and care for their pets. At Trupanion, we offer a collaborative, casual, and pet-friendly environment where everyone is encouraged to be themselves.

Responsibilities

  • Engineer, operate, and continuously improve the Microsoft Defender security stack (e.g., Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud Apps, Defender Vulnerability Management) to protect endpoints, identities, email, and cloud applications.
  • Own and administer Privileged Access Management tool, including onboarding/offboarding privileged accounts, policy and workflow configuration, vault health, upgrades, and integrations.
  • Integrate Defender and PAM signals with SIEM/SOAR and ITSM workflows to improve detection fidelity, reduce false positives, and accelerate response and remediation.
  • Design and implement security engineering solutions across cloud and on-prem environments (primarily Azure/M365), including baseline hardening, configuration standards, and security control automation.
  • Create and maintain security tooling lifecycle management (health, licensing, capacity, performance, roadmap, and upgrades), ensuring resilient and supportable operations.
  • Create and maintain detection engineering content: analytic rules/use cases, alert tuning, threat hunting queries, and automated response playbooks.
  • Perform security assessments and vulnerability management, including scanning, prioritization, remediation tracking, and validation of fixes in partnership with IT and engineering teams.
  • Partner with infrastructure, identity/IAM, and application teams to embed security controls into designs and delivery (secure-by-default patterns, CI/CD security checks, and least-privilege access).
  • Respond to security incidents as an engineering escalation point—triage alerts, contain threats, coordinate remediation, and drive root-cause fixes and preventive controls.
  • Produce clear, accurate, and up-to-date runbooks, procedures, and reference architectures for security tooling and operational processes.
  • Support audits and regulatory exams by providing evidence, control narratives, and technical subject-matter expertise for implemented security controls.
  • Stay current with emerging threats and Microsoft security capabilities; recommend and implement pragmatic improvements to Trupanion’s security posture.

Qualifications

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).
  • 5+ years of hands-on security engineering experience supporting enterprise security platforms in Microsoft 365/Azure environments.
  • Relevant certifications (one or more preferred): Microsoft Security (e.g., SC-200/SC-300/SC-100), AZ-500, CISSP, CISM, GIAC, or equivalent.

Skills

  • Deep expertise securing Microsoft 365 and Azure, including identity, endpoint, email, and cloud security controls.
  • Demonstrated experience administering Microsoft Defender components and/or XDR/SIEM platforms, including alert tuning, detection engineering, and incident response collaboration.
  • Experience implementing or operating Privileged Access Management (CyberArk preferred) and integrating PAM with identity and security monitoring systems, including policy configuration, privileged session controls, onboarding/ offboarding, and operational troubleshooting.
  • Strong hands-on experience with the Microsoft Defender stack (Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud Apps, Defender Vulnerability Management) and associated investigation workflows.
  • Experience with XDR/SIEM operations and integration (e.g., Microsoft Sentinel or equivalent): alert triage, tuning, threat hunting, and automation/playbooks.
  • Strong identity and access management knowledge, including Entra ID (Azure AD), conditional access, MFA, least privilege, and role-based access control.
  • Security engineering fundamentals across Windows, macOS, and Linux, plus network and cloud concepts (TLS, DNS, routing, segmentation, logging).
  • Proficiency in scripting and automation (PowerShell and/or Python) to operationalize controls, integrate platforms, and improve reliability.
  • Experience with vulnerability management and remediation workflows, including scanning, prioritization, validation, and reporting.
  • Working knowledge of secure SDLC and DevSecOps practices, including CI/CD security checks, secrets handling, and infrastructure-as-code security.
  • Familiarity with security frameworks and controls (NIST, CIS, ISO 27001) and translating requirements into implementable technical standards.
  • Strong communication skills with the ability to explain security issues, tradeoffs, and remediation steps to both technical and non-technical stakeholders.
  • Excellent problem-solving, analytical skills, and the ability to prioritize and deliver across multiple concurrent initiatives.
  • Experience developing and maintaining runbooks, technical documentation, security guidelines, and reference architectures.

Compensation

The base pay range for this position is $140,000-$160,000, on a full-time schedule. Along with base compensation, Trupanion employees are currently eligible for monthly bonuses. We want all employees to be invested in Trupanion’s success, so we grant Restricted Stock Units to all new team members. Our new hire grants vest over 4 years.

Benefits and Perks

  • Full medical, dental, and vision benefits at no cost to the employee
  • Four weeks of paid time off and 9 paid float holidays (you can decide which days are most important to you!)
  • Five-week sabbatical after five years of employment
  • Open, casual, pet-friendly, and fun office environment
  • Free medical health insurance for your pet (1 dog or cat)
  • Paid time off to volunteer at nonprofit organizations
  • Seattle Office Amenities: Free on-site gym, free dog walking services for office pets during business hours, free parking, and paid ORCA cards.

Additional Information

Trupanion is an equal-opportunity employer and embraces diversity. We are committed to building a team that represents a variety of backgrounds, abilities, perspectives, and skills.

Similar jobs

Cybersecurity Engineer

Life Cycle EngineeringSt Louis, MO· 1 wk ago
Information Technologyapply on www2.jobdiva.com

Cybersecurity Engineer

MACHINE LEARNING TECHNOLOGIES LLCAustin, TX· 3 wk ago
Information Technologyapply on machinele.com

Cybersecurity Engineer

Infinity Systems EngineeringAlbuquerque, NM· 1 mo ago
Information Technologyapply on workforcenow.adp.com