Senior Security Engineer
Vessco Water · Chanhassen, MN · 4 days ago
HybridEngineering$160/hrFull-time
Key Duties And Essential Functions
- Serve as primary administrator and technical owner for enterprise security platforms, including Arctic Wolf, end point EDR, email security technologies, and other security tools.
- Design, implement, and maintain security capabilities within the Microsoft cloud ecosystem, including Microsoft Defender, Microsoft Purview, Microsoft Intune, Microsoft Entra ID, Conditional Access, and related Microsoft security technologies.
- Maintain and optimize security monitoring, detection, and response capabilities.
- Manage security platform configurations, integrations, upgrades, and operational health.
- Evaluate and recommend new security technologies and capabilities.
- Develop and maintain platform standards, procedures, and documentation.
- Leverage automation and AI-enabled capabilities to improve security operations, threat detection, incident response, and overall program effectiveness.
Security Operations and Incident Response
- Monitor, investigate, and coordinate response to security alerts and incidents.
- Act as primary responder for tickets, alerts, and investigations generated by the organization’s third-party Security Operations Center (SOC).
- Perform security analysis to determine root cause, scope, impact, and remediation requirements for security events.
- Coordinate containment, eradication, recovery, and post-incident activities.
- Partner with managed security providers and technology teams to ensure timely remediation of security events.
- Lead vulnerability management activities, including identification, prioritization, tracking, and remediation coordination.
- Validate effectiveness of security controls through testing and review activities.
- Develop operational processes that improve security visibility and response effectiveness.
- Participate in incident response planning, tabletop exercises, and continuous improvement activities.
Security Assessment and Risk Management
- Lead post-acquisition and post-close security assessments for newly acquired companies.
- Develop and execute security integration plans for newly acquired companies, including identity, endpoint protection, email security, logging, vulnerability management, and Microsoft 365 security controls.
- Conduct internal security assessments, technical reviews, and risk evaluations.
- Document findings, recommendations, and remediation plans.
- Track remediation efforts and validate completion of corrective actions.
- Support cybersecurity due diligence activities related to mergers and acquisitions.
- Assess security risks associated with new technologies, applications, cloud services, and AI-enabled solutions.
- Partner with Infrastructure and Enterprise Applications teams to standardize security controls while supporting the organization's operating company model.
Security Engineering
- Design, implement, and maintain technical security controls.
- Support secure architecture and design reviews for infrastructure, cloud, application, and business initiatives.
- Develop automation and process improvements to increase operational efficiency.
- Participate in security-related projects and technology implementations.
- Assist with development and implementation of security standards and technical guidelines.
- Partner with technology teams to embed security requirements into enterprise solutions and operational processes.
Information Security Program Support
- Serve as the technical lead for the Information Security Program.
- Lead the technical evaluation of AI-enabled technologies, ensuring appropriate governance, data protection, access controls, and compliance with organizational security standards.
- Partner with business leaders to enable secure adoption of Microsoft Copilot and other approved AI technologies while mitigating security and privacy risks.
- Identify opportunities to leverage AI capabilities to enhance threat detection, security operations, vulnerability management, and other security functions.
- Partner with business and technology teams to integrate security requirements into operational processes and projects.
- Support audit, compliance, and risk management activities.
- Assist with development and maintenance of security policies, standards, and procedures.
- Provide technical security guidance and subject matter expertise across the organization.
Required Qualifications
- Bachelor’s degree in Information Security, Cybersecurity, Information Technology, Computer Science, or related field, or equivalent professional experience.
- 8+ years of experience in cybersecurity, security engineering, security operations, incident response, or related technical security roles.
- Experience administering enterprise security technologies and platforms.
- Experience performing security assessments, vulnerability management, and incident response activities.
- Experience working with Microsoft Azure and Microsoft 365 security technologies, including Microsoft Defender, Microsoft Purview, Microsoft Intune, and Microsoft Entra ID.
- Strong understanding of security principles, frameworks, and industry best practices.
- Strong technical understanding of cybersecurity technologies and controls.
- Knowledge of endpoint protection, email security, vulnerability management, SIEM, identity security, cloud security, and security monitoring technologies.
- Ability to analyze security risks and recommend practical mitigation strategies.
- Strong troubleshooting and problem-solving skills.
- Able to manage multiple priorities and projects simultaneously.
- Effective written and verbal communication skills.
- Ability to communicate effectively with technical and non-technical stakeholders.
- Strong documentation, organizational, and analytical skills.
- Able to lead technical investigations and coordinate cross-functional response activities.
Preferred Qualifications
- Experience with Arctic Wolf, Sophos, Securence, and Microsoft security technologies.
- Experience securing Microsoft 365 environments in organizations with multiple business entities, acquisitions, or decentralized operating models.
- Experience working with managed security service providers (MSSPs).
- Experience supporting organizations pursuing or maintaining CMMC compliance.
- Security certifications such as CISSP, GIAC, Security+, CySA+, GSEC, Azure Security Engineer Associate, or equivalent.
- Experience with security automation, scripting, and AI-enabled security technologies.