Cybersecurity Engineer, Lead
Independence Pet Group · Chicago, IL · 2 mo ago
HybridInformation TechnologyFull-time
Responsibilities
- Collaborate with the Security Engineering team to implement, configure, and enforce robust security solutions across cloud and legacy environments based on the enterprise security architectures, CIS Benchmarks, Microsoft security baselines, and internal company policy requirements.
- Manage the security of and enforce proper data governance rules across collaboration and email tools.
- Effectively manage vulnerability scans, perform security assessments of applications and systems, and collaborate with IT teams to effectively resolve vulnerability findings in a timely manner.
- Manage, configure, and optimize key cybersecurity tools and technologies such as SIEM, threat intelligence, and cloud security platforms, and develop automations and integrations between systems to improve visibility and response efficiency.
- Collaborate with DevOps and Engineering teams to integrate security measures into the CI/CD pipeline, promoting the principles of DevSecOps to ensure secure application development and deployment.
- Contribute to the development and testing of disaster recovery procedures that meet business and compliance needs.
- Support and implement the enforcement of data privacy requirements and regulations, as needed.
- Support identity and access security initiatives with conditional access, MFA, PIM, and just-in-time access across Entra ID, Active Directory, and/or Ping Identity to uphold least-privilege principles.
- Maintain professional security documentation such as diagrams, data flows, and procedures.
- Participate in audits, assessments, and continuous improvement activities to define, measure, visualize, and improve key cybersecurity metrics.
- Stay current with emerging cybersecurity trends, tools, and technologies to ensure the organization's security capabilities remain effective and up to date.
Requirements
- Bachelor's degree in Computer Science, Information Technology, or related field,
- At least 10 years of experience in cybersecurity engineering, security architecture, or infrastructure protection, with primary experience in enterprise Microsoft environments, 5 of these years within financial services or insurance industry highly preferred.
- Relevant certifications such as CISSP, CEH, CISM, or GIAC is highly desirable.
- Practical knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO, CIS, OWASP).
- Hands-on experience with Microsoft security technologies such as Defender for Cloud, Defender for Endpoints, XDR, Sentinel, and Purview, with a deep understanding of Azure and Microsoft 365 security architecture.
- AWS and GCP similar expertise are a plus.
- Strong experience with common security tools and technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM systems, email security & data loss prevention (DLP) tools, cloud security tools, endpoint protection, encryption, and vulnerability scanners.
- Experience supporting regulatory and compliance programs such as NYDFS Part 500, PCI DSS, HIPAA, and SOC 2 through control implementation, evidence collection, and audit readiness.
- Experience with DevSecOps and understanding of security considerations in DevOps environments, including familiarity with automation tools and secure coding practices.
- Experience with IAM and CIAM configuration and best practices, particularly in Microsoft Entra ID and/or Ping Identity.
- Excellent analytical and problem-solving skills, with the ability to adapt to changing threats and requirements.
- Advanced knowledge of the Windows operating system and a working understanding of Linux and MacOS.
- Strong communication skills, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
- Able to work independently as well as collaborate effectively with multidisciplinary teams.
- Detail-oriented and proactive in identifying and resolving problems.