Security Engineer - Identity and Endpoint security
Listed on 2026-06-22
IT/Tech
Cybersecurity, Security Manager, Network Security
Security Engineer – Identity and Endpoint Security
The Security Engineer will protect our users, data, and systems with a focus on identity security, endpoint protection, and security monitoring. Responsibilities include managing identity platforms, monitoring security alerts, and building automation to improve defenses.
Identity & Access Security
- Manage and monitor our identity platform (Microsoft Entra), including user access, privileged accounts, and authentication policies
- Support the administration and day‑to‑day operations of CyberArk for privileged access management, including vault configurations, session monitoring, and access reviews
- Partner with IT and engineering teams to enforce least‑privilege access and improve identity hygiene across the environment
- Investigate identity‑related alerts, unusual sign‑in activity, and potential account compromises
- Work within Microsoft XDR (Defender suite) to monitor, triage, and respond to security alerts across endpoints, email, and cloud workloads
- Investigate security incidents end‑to‑end, from initial alert through containment, remediation, and lessons learned
- Tune detection rules and policies to reduce noise while ensuring meaningful threats don’t slip through
- Collaborate with the broader security team on incident response exercises and tabletop scenarios
- Build and maintain automation workflows to reduce repetitive manual work—think automated alert enrichment, provisioning/deprovisioning, reporting, and access reviews
- Use scripting (PowerShell, Python, or similar) to develop tools that improve the team’s speed and effectiveness
- Identify areas where manual processes can be streamlined and take ownership of making them better
- Contribute to the development of runbooks, playbooks, and standard operating procedures
- Clearly explain a security incident to a non‑technical audience without losing essential details
- Own problems and follow through from identification to resolution
- Think about security at scale and build processes that require minimal human intervention
- Collaborate effectively across IT, engineering, and business teams
- Remain curious about attacker tactics and stay updated on the evolving threat landscape
- 3–5 years in an IT security, security operations, or systems administration role
- Hands‑on experience with Microsoft Entra (formerly Azure AD), including Conditional Access, MFA, and identity governance
- Working knowledge of CyberArk or a comparable privileged access management (PAM) solution
- Familiarity with Microsoft XDR or Defender products (Defender for Endpoint, Defender for Identity, Defender for Office 365)
- Demonstrated ability to write scripts or automation—PowerShell, Python, KQL, or similar
- Preferred experience with Microsoft Sentinel or a similar SIEM/SOAR platform
- Preferred familiarity with cloud security concepts in Microsoft Azure or M365 environments
- Preferred exposure to security frameworks such as NIST, CIS Controls, or MITRE ATT&CK
- Preferred relevant certifications (SC‑200, AZ‑500, CyberArk Defender, CompTIA Security+)
- Preferred experience supporting a security awareness or phishing simulation program
Salary Range: $123,040 – $153,800
WK Kellogg Co is an Equal Opportunity Employer that strives to provide an inclusive work environment and embraces the diverse talent of its people. All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, disability, religion, national origin, gender, gender identity, gender expression, marital status, sexual orientation, age, protected veteran status, or any other characteristic protected by law.