Security Engineer Lead

REPORTING RELATIONSHIP

POSITION REPORTS TO: ASSOCIATE DIRECTOR IT.

POSITION SUMMARY

The Lead Security Engineer is responsible for architecting, implementing, and governing Company's enterprise security controls across hybrid environments. Reporting Associate Director IT and closing work with the Sr. Director, Infrastructure & Security, this role provides hands-on technical leadership while guiding a team of security engineers in the execution of security operations, architecture, monitoring, identity security, and compliance initiatives. This position will play a key role in advancing Company's Zero Trust strategy, strengthening enterprise defenses, and ensuring alignment with regulatory and governance frameworks such as SOC 2, NIST, and ISO 27001.

JOB RESPONSIBILITIES

Security Architecture & Engineering

Lead the design and implementation of enterprise security architecture across on-prem and cloud environments.

Architect secure Azure/AWS configurations, including IAM, network controls, and cloud-native security tooling.

Review and optimize Network Firewall/Switch deployments to establish least-privilege network access.

Threat Detection, Monitoring & Response

Manage Microsoft NDR/XDR platforms, ensuring effective alerting, tuning, and mitigation workflows.

Oversee SIEM operations (Sumo Logic), including correlation rules, dashboards, and incident triage.

Serve as Level 3 escalation for complex security incidents.

Identity, Access & Zero Trust

Design and implement secure identity strategies using Microsoft Entra ID.

Govern MFA, SAML, OIDC, RBAC, and Zero Trust policies across the enterprise.

Email Security & User Protection

Manage DMARC, SPF, DKIM enforcement and email threat protection programs.

Lead phishing simulation and user awareness programs.

Governance, Compliance & Risk Management

Maintain security policies, playbooks, and procedures aligned to SOC 2, NIST, ISO 27001.

Lead SOC 2 audits, evidence collection, and remediation tasks.

Conduct vulnerability assessments, risk reviews, and remediation oversight.

Leadership & Cross-Functional Collaboration

Supervise, mentor, and guide a team of security engineers.

Partner with Infrastructure, Cloud, DevOps, and AppDev teams to embed security into system design and processes.

Present executive-level reporting on security posture and risk.

KNOWLEDGE, SKILLS, ABILITIES AND RESPONSIBILITIES

Education and Experience

Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or

equivalent handson experience.

810 years of experience in cybersecurity engineering, including securing hybrid cloud and onpremises environments.

Minimum 23 years leading, supervising, or mentoring a technical security engineering team.

Experience working with SOC 2, NIST, or ISO 27001 frameworks.

Master's degree or security leadership certifications are a plus.

Technical Skills

Expertlevel knowledge of network security technologies, including firewalls, VPN solutions, intrusion detection/prevention systems, and secure network architecture principles.

Strong handson experience securing Azure and AWS cloud environments, including IAM, network controls, and cloudnative security tools.

Deep expertise with Microsoft Defender NDR/XDR technologies (Defender for Endpoint, Identity, Cloud).

Operational experience with Sumo Logic or similar SIEM platforms, including log ingestion, correlation, and alert tuning.

Strong understanding of identity security, MFA, SAML, OIDC, RBAC, and Zero Trust architectures.

Practical experience implementing DMARC, SPF, DKIM, and email threat protection technologies.

Thorough knowledge of NIST, ISO 27001, SOC 2 Trust Services Criteria, and security governance best practices.

Scripting/automation experience (PowerShell, Python) is preferred.

Leadership and Communication

Demonstrated success leading and developing highperforming security engineering teams.

Ability to translate complex security risks, architecture considerations, and technical issues into clear communications for executives and nontechnical stakeholders.

Proven ability to manage crossfunctional relationships, build consensus, and influence security adoption across engineering, cloud, infrastructure, and application teams.

Strong experience conducting design reviews, leading incident response efforts, and enforcing best practices across distributed environments.

Preferred Qualifications

Experience working in environments handling sensitive data such as PHI/PII, healthcare, or legal service industry contexts.

Experience maturing SOC 2, NIST, or ISOaligned security governance programs.

Background implementing or optimizing Zero Trust architectures.

Certifications such as PCNSE, CISSP, SC100, AZ500, AWS Security Specialty, or SOC 2/NIST/ISO Lead Implementer.