Jobs · Information Technology

Senior Security Engineer II

BerryDunn — Assurance, Tax and Consulting · United States · 3 mo ago
RemoteRemoteInformation Technology$155k–$180k/yrFull-time

About the role

We are looking for a talented and driven Senior Security Engineer II to join our expanding security team. In this role, you will be instrumental in strengthening and maintaining our organization’s security posture while also supporting the security of our products and services. This is a hands-on position that requires a strong grasp of multiple security domains and the ability to thrive in a dynamic, fast-paced environment.

Responsibilities

  • Implement and manage cloud security controls: Apply cloud security best practices across corporate and cloud environments (preferably Microsoft Azure) to monitor, maintain, and continuously improve enterprise security posture.

  • Framework Alignment & Compliance: Ensure alignment with industry-standard security frameworks and regulatory requirements (e.g., ISO/IEC 27001, NIST, HIPAA, SOC 2, AICPA Trust Services Criteria).

  • Data Governance & Compliance Tools: Design, deploy, and maintain Microsoft Purview features including data cataloging, classification, lineage, and compliance policies.

  • Identity and Access Management: Administer and optimize identity management and access control systems, including Microsoft Entra ID (Azure AD), to ensure secure authentication and authorization.

  • Incident Response: Support the development, execution, and continuous improvement of incident response procedures, including active participation during security incidents.

  • Policy/Standard/Procedure Development: Create, update, and enforce security policies, standards, and procedures aligned with organizational goals and compliance requirements.

  • Security Architecture Collaboration: Work closely with IT and architecture teams to embed security controls into system and application design.

  • Security Tooling & Technology Evaluation: Research, recommend, and assist in the implementation of modern security technologies and solutions to enhance defenses.

  • Network and Protocol Security: Leverage knowledge of networking fundamentals and security protocols to ensure proper segmentation, encryption, and protection of corporate assets.

  • Application Security Participation: Support application security initiatives including secure development practices, vulnerability management, and remediation workflows.

  • Cloud Defense Platforms: Administer Microsoft Defender for Cloud and other cloud-native security tools to detect and respond to threats.

Requirements

  • Strong technical expertise in O365, Microsoft 365 Purview, Microsoft Purview in Azure, Microsoft Defender, and Entra.

  • Understanding of security within on-premise infrastructure using VMWare and Azure Hybrid environments.

  • Proven experience designing, deploying, and managing Microsoft Purview environments.

  • Deep understanding of ISO 27001, NIST CSF, HIPAA, AICPA, and SOC 2 frameworks, including associated Privacy and Security Rules.

  • Hands-on experience implementing technical safeguards to meet HIPAA and other regulatory requirements.

  • Solid knowledge of cloud security best practices and identity/access management principles.

  • Proficiency in data classification, labeling, and Data Loss Prevention (DLP) strategies.

  • Strong communication, collaboration, documentation, and problem-solving skills.

  • Ability to work both independently and collaboratively within cross-functional teams.

Qualifications

  • Bachelor’s degree in Computer Science, Information/Cyber Security, or a related field (or equivalent professional experience).

  • 7+ years of experience in cybersecurity, including at least 2 years in enterprise environments.

  • Industry certifications such as CISSP, CISM, CEH, or GIAC (preferred).

  • Strong expertise in network, system, and cloud security.

  • Cloud-specific security certifications (e.g., Microsoft Azure, Microsoft Purview, AWS Certified Security).

  • Experience in cybersecurity vendor environments.

  • Proficiency with Microsoft Records Management and/or Information Governance processes.

  • Advanced knowledge of cloud security, particularly with Azure and GCP; experience with other data catalog and governance tools (e.g., Collibra, Alation, Informatica).

  • Client-facing consulting experience in compliance, data governance, and regulatory alignment.

Skills

  • Technical expertise in O365, Microsoft 365 Purview, Microsoft Purview in Azure, Microsoft Defender, and Entra.

  • Understanding of security within on-premise infrastructure using VMWare and Azure Hybrid environments.

  • Proven experience designing, deploying, and managing Microsoft Purview environments.

  • Deep understanding of ISO 27001, NIST CSF, HIPAA, AICPA, and SOC 2 frameworks, including associated Privacy and Security Rules.

  • Hands-on experience implementing technical safeguards to meet HIPAA and other regulatory requirements.

  • Solid knowledge of cloud security best practices and identity/access management principles.

  • Proficiency in data classification, labeling, and Data Loss Prevention (DLP) strategies.

  • Strong communication, collaboration, documentation, and problem-solving skills.

  • Ability to work both independently and collaboratively within cross-functional teams.

Benefits

The base salary range targeted for this role is $155,000-180,000. This position may also be eligible for a discretionary annual bonus based on factors such as company and personal performance. This salary range represents BerryDunn’s good faith and reasonable estimate of the range of possible compensation at the time of posting. If an applicant possesses experience, education, or other qualifications more than the minimum requirements for this posting, that applicant is encouraged to apply, and a final salary range may then be based on those additional qualifications; compensation decisions are dependent on the facts and circumstances of each case. The salary of the finalist selected for this role will be based on a variety of factors, including but not limited to years of experience, depth of experience, seniority, merit, education, training, amount of travel, and other relevant business considerations.

Similar jobs