Jobs · Information Technology · Texas

Senior Associate Information Security (San Antonio, TX)

Affinius Capital · San Antonio, Texas Metropolitan Area · 3 wk ago
On-siteInformation Technology$61/hrFull-time

About the role

The Senior Associate Information Security leads the organization’s cybersecurity program across a hybrid on-premises and Microsoft Azure environment. This role oversees security operations, governance, risk management, and incident response while partnering closely with infrastructure, cloud, compliance, and business leaders.

Responsibilities

  • Lead day-to-day security operations across Microsoft Defender XDR, including Defender for Endpoint, Identity, Office 365, Cloud Apps, Defender for Cloud, and Microsoft Sentinel
  • Oversee detection, investigation, and response to security incidents, including phishing, BEC, endpoint compromise, identity attacks, and insider risk
  • Own and continuously improve incident response playbooks, tabletop exercises, and post-incident reviews
  • Manage security monitoring, alert tuning, and automation (SOAR) to reduce noise and improve mean time to detect/respond (MTTD/MTTR)
  • Identity, Access & Cloud Security
    • Govern Microsoft Entra ID security, including Conditional Access, MFA, Privileged Identity Management (PIM), identity protection, and access reviews
    • Partner with infrastructure and cloud teams to secure hybrid Active Directory, Azure subscriptions, and workloads
    • Ensure secure configuration baselines for endpoints, servers, and cloud resources using Microsoft security best practices
  • Governance, Risk & Compliance
    • Maintain and mature the organization’s information security program, policies, and standards (e.g., access control, incident response, data protection)
    • Map technical controls to frameworks such as NIST CSF, ISO 27001, or similar
    • Support audits, risk assessments, vendor security reviews, and regulatory/compliance initiatives
    • Track and report security risk, control effectiveness, and remediation progress to leadership
  • Data Protection & Information Governance
    • Partner with Legal, Compliance, and IT to protect sensitive data using Microsoft Purview, DLP, retention, and eDiscovery
    • Ensure appropriate controls for data classification, encryption, and information lifecycle management
  • Leadership & Collaboration
    • Manage security operations resources (internal or MSSP)
    • Serve as a trusted advisor to IT leadership and business stakeholders on security risk and strategy
    • Drive security awareness and training initiatives across the organization
    • Participate in architecture and project reviews to embed security by design

Requirements

  • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
  • 5+ years of progressive experience in information security
  • Strong hands-on experience with:
    • Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps)
    • Microsoft Entra ID (Azure AD), Conditional Access, MFA, PIM
    • Microsoft 365 security and compliance features
    • Hybrid on-premises and Azure environments
  • Proven experience leading incident response and security investigations
  • Solid understanding of security frameworks, risk management, and audit processes
  • Ability to communicate complex security topics clearly to executives and non-technical audiences
  • Willing to work onsite full-time

Qualifications

  • Preferred Qualifications
    • Microsoft security certifications (e.g., SC-200, SC-300, SC-100, AZ-500)
    • Industry certifications such as CISSP, CISM, CRISC, or GIAC
    • Experience with Defender automation, KQL, Sentinel, or SOAR tooling
    • Experience in financial services, real estate, or regulated environments
    • Experience integrating third-party tools with Microsoft Defender and M365

Similar jobs