Senior Info Security Engineer
Core & Main · St Louis, MO · 5 days ago
On-siteInformation TechnologyFull-time
Key Responsibilities
- Own and enhance enterprise security monitoring capabilities across SIEM and related telemetry platforms.
- Design, implement, and improve detections, dashboards, alerting, and monitoring content to increase signal quality and operational value.
- Engineer reliable telemetry collection, normalization, and monitoring workflows to support data quality, operational resilience, and long-term maintainability.
- Partner with SOC and MDR stakeholders to improve monitoring coverage, detection effectiveness, and response outcomes.
- Mature detection engineering practices, use cases, and workflows to strengthen monitoring quality over time.
- Design, implement, and support cloud IAM controls focused on least privilege, access governance, and identity-based security.
- Build and maintain controls in platforms such as Microsoft Entra, including Conditional Access and privileged access controls.
- Strengthen identity posture across users, administrators, service principals, and other non-human identities.
- Evaluate and improve access models to reduce risk while supporting business operations.
- Support Improve SOC and MDR effectiveness through enhancements to detection content, enrichment, workflows, and technical integrations.
- Collaborate with incident response, MDR, and threat intelligence stakeholders to strengthen threat-informed monitoring and investigative value.
- Provide engineering support during security incident escalations, including troubleshooting, coordination, and improvement of detection and response workflows.
- Drive post-incident improvements that increase visibility, prioritization, and operational effectiveness.
- Build, operate, and mature privileged access capabilities that protect privileged credentials, administrative access, and high-risk workflows.
- Standardize and improve privileged account onboarding, credential governance, vaulting, rotation, and access workflows.
- Strengthen the reliability, auditability, and operational effectiveness of PAM services through clear runbooks and repeatable processes.
- Partner with security and infrastructure teams to ensure PAM capabilities are scalable and aligned to enterprise standards.
- Partner with security leadership and architecture to implement strategic security priorities through well-engineered, measurable controls.
- Serve as a senior technical resource and escalation point for complex security engineering issues across core control domains.
- Create and maintain technical documentation, runbooks, and guidance that improve repeatability and supportability.
- Support control validation and technical evidence requests related to implemented security controls, as needed.
Required Qualifications
- 7+ years of experience in information security engineering, security platform engineering, identity security, security operations engineering, or a related field.
- Strong hands-on experience with SIEM/security monitoring platforms, including detection content, alerting, dashboards, tuning, and telemetry onboarding.
- Working knowledge of cloud IAM, including Microsoft Entra / Azure AD, Conditional Access, privileged roles, access governance, and identity security concepts.
- Experience with Privileged Access Management (PAM) and/or enterprise secret management platforms.
- Familiarity with supporting SOC, MDR, or threat detection and response functions in an enterprise environment.
- Strong understanding of identity, authentication, authorization, least privilege, and privileged access control principles.
- Strong written and verbal communication skills, including the ability to document designs, standards, and implementation guidance.