Jobs · Engineering · Minnesota

Senior Security Engineer

Vessco Water · Chanhassen, MN · 4 days ago
HybridEngineering$160/hrFull-time

Key Duties And Essential Functions

  • Serve as primary administrator and technical owner for enterprise security platforms, including Arctic Wolf, end point EDR, email security technologies, and other security tools.
  • Design, implement, and maintain security capabilities within the Microsoft cloud ecosystem, including Microsoft Defender, Microsoft Purview, Microsoft Intune, Microsoft Entra ID, Conditional Access, and related Microsoft security technologies.
  • Maintain and optimize security monitoring, detection, and response capabilities.
  • Manage security platform configurations, integrations, upgrades, and operational health.
  • Evaluate and recommend new security technologies and capabilities.
  • Develop and maintain platform standards, procedures, and documentation.
  • Leverage automation and AI-enabled capabilities to improve security operations, threat detection, incident response, and overall program effectiveness.

Security Operations and Incident Response

  • Monitor, investigate, and coordinate response to security alerts and incidents.
  • Act as primary responder for tickets, alerts, and investigations generated by the organization’s third-party Security Operations Center (SOC).
  • Perform security analysis to determine root cause, scope, impact, and remediation requirements for security events.
  • Coordinate containment, eradication, recovery, and post-incident activities.
  • Partner with managed security providers and technology teams to ensure timely remediation of security events.
  • Lead vulnerability management activities, including identification, prioritization, tracking, and remediation coordination.
  • Validate effectiveness of security controls through testing and review activities.
  • Develop operational processes that improve security visibility and response effectiveness.
  • Participate in incident response planning, tabletop exercises, and continuous improvement activities.

Security Assessment and Risk Management

  • Lead post-acquisition and post-close security assessments for newly acquired companies.
  • Develop and execute security integration plans for newly acquired companies, including identity, endpoint protection, email security, logging, vulnerability management, and Microsoft 365 security controls.
  • Conduct internal security assessments, technical reviews, and risk evaluations.
  • Document findings, recommendations, and remediation plans.
  • Track remediation efforts and validate completion of corrective actions.
  • Support cybersecurity due diligence activities related to mergers and acquisitions.
  • Assess security risks associated with new technologies, applications, cloud services, and AI-enabled solutions.
  • Partner with Infrastructure and Enterprise Applications teams to standardize security controls while supporting the organization's operating company model.

Security Engineering

  • Design, implement, and maintain technical security controls.
  • Support secure architecture and design reviews for infrastructure, cloud, application, and business initiatives.
  • Develop automation and process improvements to increase operational efficiency.
  • Participate in security-related projects and technology implementations.
  • Assist with development and implementation of security standards and technical guidelines.
  • Partner with technology teams to embed security requirements into enterprise solutions and operational processes.

Information Security Program Support

  • Serve as the technical lead for the Information Security Program.
  • Lead the technical evaluation of AI-enabled technologies, ensuring appropriate governance, data protection, access controls, and compliance with organizational security standards.
  • Partner with business leaders to enable secure adoption of Microsoft Copilot and other approved AI technologies while mitigating security and privacy risks.
  • Identify opportunities to leverage AI capabilities to enhance threat detection, security operations, vulnerability management, and other security functions.
  • Partner with business and technology teams to integrate security requirements into operational processes and projects.
  • Support audit, compliance, and risk management activities.
  • Assist with development and maintenance of security policies, standards, and procedures.
  • Provide technical security guidance and subject matter expertise across the organization.

Required Qualifications

  • Bachelor’s degree in Information Security, Cybersecurity, Information Technology, Computer Science, or related field, or equivalent professional experience.
  • 8+ years of experience in cybersecurity, security engineering, security operations, incident response, or related technical security roles.
  • Experience administering enterprise security technologies and platforms.
  • Experience performing security assessments, vulnerability management, and incident response activities.
  • Experience working with Microsoft Azure and Microsoft 365 security technologies, including Microsoft Defender, Microsoft Purview, Microsoft Intune, and Microsoft Entra ID.
  • Strong understanding of security principles, frameworks, and industry best practices.
  • Strong technical understanding of cybersecurity technologies and controls.
  • Knowledge of endpoint protection, email security, vulnerability management, SIEM, identity security, cloud security, and security monitoring technologies.
  • Ability to analyze security risks and recommend practical mitigation strategies.
  • Strong troubleshooting and problem-solving skills.
  • Able to manage multiple priorities and projects simultaneously.
  • Effective written and verbal communication skills.
  • Ability to communicate effectively with technical and non-technical stakeholders.
  • Strong documentation, organizational, and analytical skills.
  • Able to lead technical investigations and coordinate cross-functional response activities.

Preferred Qualifications

  • Experience with Arctic Wolf, Sophos, Securence, and Microsoft security technologies.
  • Experience securing Microsoft 365 environments in organizations with multiple business entities, acquisitions, or decentralized operating models.
  • Experience working with managed security service providers (MSSPs).
  • Experience supporting organizations pursuing or maintaining CMMC compliance.
  • Security certifications such as CISSP, GIAC, Security+, CySA+, GSEC, Azure Security Engineer Associate, or equivalent.
  • Experience with security automation, scripting, and AI-enabled security technologies.

Similar jobs

Senior Security Engineer

Zermount, Inc.United States· 3 wk ago
RemoteInformation Technologyapply on zermount.isolvedhire.com

Senior Security Engineer

IrriWatchCarlsbad, CA· 2 mo ago
Information Technology$160k–$180k/yrapply on careers.hydrosat.com