Security Engineer

We’re looking for a Security Engineer who’s excited to work across the full security stack. You’ll help us stand up and mature key capabilities—including Vulnerability Management, Endpoint Security, SIEM/SOAR, Application Security, Incident Response, GRC, and Network Security.

This is a hands‑on role: you’ll manage tools, build dashboards and automations, tune policies, and dive into investigations. If you’re curious, collaborative, and love turning signal into action, we want to meet you.

The ideal candidate will have 2-4 years of working experience.

• Operate and administer the vulnerability management platform (e.g., Tenable/Qualys/Rapid7).
• Build dashboards and recurring reports (trending, SLAs, risk‑based prioritization).
• Partner with IT/Engineering to align patching cycles with findings and verify remediation.

• Deploy, monitor, and tune EDR on Windows, macOS, and Linux across physical and cloud‑hosted workloads.
• Harden policies and create exceptions safely; investigate and resolve sensor/telemetry issues.
• Maintain coverage/health reporting and onboarding/offboarding procedures.

• Ensure all relevant log sources (cloud, identity, endpoint, network, application) are ingesting and parsing correctly.
• Write detections/queries and build SOAR playbooks to enrich alerts, automate triage, and reduce MTTR.
• Create runbooks for repeatable investigations.

• Help run SAST/DAST pipelines; support developers in “shift‑left” practices.
• Scan containers/images and third‑party packages from npm, pip, and Homebrew; manage findings in backlog.
• Contribute to secure SDLC guidance and threat modeling for new features.

• Act as an escalation partner to our managed SOC; assist with scoping, containment, eradication, and recovery.
• Preserve evidence, draft timelines, and document post‑incident follow‑ups.

• Apply Zero Trust principles in policy design and access tooling.
• Support DNS/DHCP hygiene and network segmentation efforts across cloud and campus.

• Support logs/detections and guardrails in Azure (e.g., Microsoft Sentinel/Defender, Azure AD/Entra, Policy).
• Help design least‑privilege access, workload protections, and secure configurations.

• 2–3 years in security/IT/Dev Ops or equivalent projects/certs.
• Solid fundamentals: OS internals (Windows/Linux/macOS), networking (TCP/IP, DNS, DHCP), identity, and cloud.
• Familiarity with two or more: EDR, SIEM, SOAR, SAST/DAST, CNAPP, CSPM, Incident Response, GRC, or vuln management.
• Comfort building queries/dashboards and writing clear documentation.

• Azure experience
• IaC experience – Terraform and Ansible
• Experience with tools like:
  Sentinel One/Crowd Strike/Microsoft Defender for Endpoint;
  Tenable/Qualys/Rapid7;
  Microsoft Sentinel/Splunk;
  Logic Apps/Tines;
  CodeQL/Semgrep/OWASP ZAP;
  Trivy/Grype;
  Git Hub/Git Hub Actions.
• Certifications such as Security+, CySA+, SC‑200, AZ‑500, or GSEC.
• Understanding of Security Frameworks like NIST
  800.53r5 and CIS.