
JOB RESPONSIBILITIES
Security Architecture & Engineering
• Lead the design and implementation of enterprise security architecture across on-prem and cloud environments.
• Architect secure Azure/AWS configurations, including IAM, network controls, and cloud-native security tooling.
• Review and optimize Network Firewall/Switch deployments to establish least-privilege network access.
Threat Detection, Monitoring & Response
• Manage Microsoft NDR/XDR platforms, ensuring effective alerting, tuning, and mitigation workflows.
• Oversee SIEM operations (Sumo Logic), including correlation rules, dashboards, and incident triage.
• Serve as Level 3 escalation for complex security incidents.
Identity, Access & Zero Trust
• Design and implement secure identity strategies using Microsoft Entra ID.
• Govern MFA, SAML, OIDC, RBAC, and Zero Trust policies across the enterprise.
Email Security & User Protection
• Manage DMARC, SPF, DKIM enforcement and email threat protection programs.
• Lead phishing simulation and user awareness programs.
Governance, Compliance & Risk Management
• Maintain security policies, playbooks, and procedures aligned to SOC 2, NIST, ISO 27001.
• Lead SOC 2 audits, evidence collection, and remediation tasks.
• Conduct vulnerability assessments, risk reviews, and remediation oversight.
Leadership & Cross-Functional Collaboration
• Supervise, mentor, and guide a team of security engineers.
• Partner with Infrastructure, Cloud, DevOps, and AppDev teams to embed security into system design and processes.
• Present executive-level reporting on security posture and risk.
KNOWLEDGE, SKILLS, ABILITIES AND RESPONSIBILITIES
Education and Experience
• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or equivalent hands‑on experience.
• 8–10 years of experience in cybersecurity engineering, including securing hybrid cloud and on‑premises environments.
• Minimum 2–3 years leading, supervising, or mentoring a technical security engineering team.
• Experience working with SOC 2, NIST, or ISO 27001 frameworks.
• Master's degree or security leadership certifications are a plus.
Technical Skills
• Expert‑level knowledge of network security technologies, including firewalls, VPN solutions, intrusion detection/prevention systems, and secure network architecture principles.
• Strong hands‑on experience securing Azure and AWS cloud environments, including IAM, network controls, and cloud‑native security tools.
• Deep expertise with Microsoft Defender NDR/XDR technologies (Defender for Endpoint, Identity, Cloud).
• Operational experience with Sumo Logic or similar SIEM platforms, including log ingestion, correlation, and alert tuning.
• Strong understanding of identity security, MFA, SAML, OIDC, RBAC, and Zero Trust architectures.
• Practical experience implementing DMARC, SPF, DKIM, and email threat protection technologies.
• Thorough knowledge of NIST, ISO 27001, SOC 2 Trust Services Criteria, and security governance best practices.
• Scripting/automation experience (PowerShell, Python) is preferred.
Leadership and Communication
• Demonstrated success leading and developing high‑performing security engineering teams.
• Ability to translate complex security risks, architecture considerations, and technical issues into clear communications for executives and non‑technical stakeholders.
• Proven ability to manage cross‑functional relationships, build consensus, and influence security adoption across engineering, cloud, infrastructure, and application teams.
• Strong experience conducting design reviews, leading incident response efforts, and enforcing best practices across distributed environments.
Preferred Qualifications
• Experience working in environments handling sensitive data such as PHI/PII, healthcare, or legal service industry contexts.
• Experience maturing SOC 2, NIST, or ISO‑aligned security governance programs.
• Background implementing or optimizing Zero Trust architectures.
• Certifications such as PCNSE, CISSP, SC‑100, AZ‑500, AWS Security Specialty, or SOC 2/NIST/ISO Lead Implementer.
Job ID: 145516489