Security Engineer

Experience:

Security Engineer with L3 capabilities

Incident Response & Threat Management

• Lead complex investigations of security incidents and breaches.
• Perform root cause analysis and develop mitigation strategies.
• Collaborate with SOC and threat intelligence teams to enhance detection and response.

Security Infrastructure Management

• Administer and optimize security tools including:

• Microsoft 365 Defender, Sentinel, Purview

• Mimecast Email Security

• Azure Cloud Security & Compliance

• McAfee / Symantec Endpoint Protection

• SafeBreach, Gytpol, and other BAS tools

• Manage and troubleshoot PKI and certificate lifecycle processes.

Automation & Integration

• Develop and maintain automated playbooks using SOAR platforms.
• Integrate security tools with SIEM, ticketing, and monitoring systems.
• Use scripting (PowerShell, Python) to automate repetitive tasks and enhance response times.

Vulnerability & Compliance Management

• Conduct vulnerability scans and coordinate remediation efforts.
• Ensure compliance with internal policies and external regulations (ISO, NIST, GDPR).
• Support audits and provide technical evidence for compliance reporting.

Technical Leadership & Escalation

• Act as the final escalation point for L1/L2 security incidents and technical issues.
• Mentor junior engineers and contribute to knowledge base documentation.
• Participate in red/blue/purple team exercises and tabletop simulations.

Required skills:

• 5+ years of experience in cybersecurity operations or engineering.
• Strong hands-on experience with:
• Microsoft 365 Security Suite
• Azure Security & Compliance
• Mimecast, McAfee, Symantec
• SafeBreach, Gytpol, Nessus, Qualys
• Proficiency in scripting (PowerShell, Python) and automation tools.
• Deep understanding of network protocols, endpoint telemetry, and cloud security.
• Experience with SIEM, SOAR, and EDR/XDR platforms.

Preferred Certifications:

• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Certified Ethical Hacker (CEH)
• GIAC Certified Incident Handler (GCIH)
• CompTIA Security+ / CySA+
• CISSP or equivalent (preferred)