• You will own the operational health of one or two engineering domains, lead cross-team initiatives that touch multiple control areas, and design the patterns the rest of the team executes against.
• You’re the engineer who can take a tool from “purchased” to “deployed, tuned, and instrumented,” the partner Cloud Ops and Identity call when they need a security pattern that actually works, and the senior who makes the Mid and Associate engineers better through pairing, code review, and clear standards.
• You’ll also be a senior voice in architecture and decision conversations alongside the Principal Engineer and the Manager.
• Domain ownership: Own the operational health of one or two engineering domains (identity, network/segmentation, cloud security baselines, monitoring/logging, encryption/key management, endpoint, vulnerability management, configuration management). Keep them measurably healthy and improving.
• Cross-team initiatives: Lead initiatives that span Security, IT, Identity, Cloud Operations, and delivery teams — controlled rollouts, control set hardening, tool migrations. Land them without breaking production.
• Architecture and standards: Design new control patterns and reference architectures. Write the decision records, runbooks, and standards the team executes against and the auditors review.
• Controlled rollouts: Lead the end-to-end deployment of new control sets (e.g., bringing a new EDR online, hardening a new cloud account, standing up new logging pipelines) — pilot, measure, expand, document.
• Mentorship: Pair with Mid and Associate engineers, run design reviews, give substantive code/config review, and grow the next tier. Quality of output from less senior engineers is part of your scope.
• Operational partnership: Be the senior partner Cloud Ops, Identity, IT Service Management, GRC, and the SOC call when they need security engineering input. Solve problems with them, not at them.
• Detection/response engineering support: Partner with Detection Engineering and the SOC on logging coverage, telemetry quality, and the engineering pieces of response (privileged access tooling, isolation capabilities, evidence capture).
• Evidence and audit readiness: Produce control evidence and architecture documentation that holds up under audit and peer review. Keep your domains’ evidence map current.
• Automation: Push toward repeatable, codified controls (IaC, policy-as-code, automated evidence collection) instead of one-off manual work.
• 5+ years in security engineering, with hands-on responsibility for implementing controls across identity, network, cloud, endpoint, and/or monitoring.
• Strong fundamentals in IAM, network segmentation, encryption / key management, and centralized logging / monitoring.
• Experience with at least one major cloud platform (Azure, AWS, GCP) in a security-engineering capacity.
• Ability to produce clear architecture documentation, runbooks, and decision records that hold up under audit and peer review.
• Excellent written and verbal communication; able to explain tradeoffs across Security, IT, and delivery audiences in plain language.
• Comfortable mentoring less senior engineers and owning quality-of-output for one or more domains.
• Regulated-environment experience (CMMC, NIST 800-171, NIST 800-53, FedRAMP-aligned, SOC 2, ISO 27001, HIPAA, PCI).
• Infrastructure-as-code experience (Terraform, Bicep, Pulumi) and policy-as-code (Sentinel, OPA).
• Security tooling integration experience (SIEM, EDR, vulnerability scanning, IAM, secrets management).
• Industry certifications (one or more): CISSP, CCSP, GIAC (e.g., GCED, GPEN, GCWN), AZ-500, AWS Security Specialty.
• Experience supporting a SOC’s detection/response engineering needs.
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field — or equivalent applicable years of experience.