Position Overview:
We are seeking a skilled and motivated Security Engineer to join our team. The ideal candidate will be responsible for implementing, managing, and enhancing our cybersecurity measures to protect client data and our systems across our managed IT and analytics services. This role requires in-depth knowledge of security practices, cloud security (especially Azure), and incident response. You will work closely with our IT, MSP, and analytics teams to provide a comprehensive security posture across the organization and for our clients.
Key Responsibilities:
Security Strategy Development:
• Design and document security policies, standards, and processes that align with industry best practices.
• Regularly review and update security strategies to address emerging threats and technologies.
• Perform security assessments of new technologies and architectures to ensure alignment with security policies.
• Collaborate with management to identify, recommend, and prioritize security initiatives.
Cloud Security:
• Implement and configure Azure Identity and Access Management (IAM) policies, including multi-factor authentication and role-based access control.
• Manage network security groups, firewalls, and virtual private networks (VPNs) within Azure.
• Configure data encryption at rest and in transit for Azure resources and databases.
• Use Azure Monitor and Security Center to assess security posture and remediate vulnerabilities in real time.
Incident Response:
• Develop and maintain a detailed incident response plan covering detection, containment, eradication, and recovery.
• Act as the first point of contact for security incidents, coordinating response and forensic investigations.
• Conduct root cause analyses to understand incidents and recommend preventative measures.
• Regularly conduct incident response drills and tabletop exercises to enhance preparedness.
Threat Detection & Prevention:
• Implement and fine-tune intrusion detection and prevention systems (IDS/IPS) within client environments.
• Regularly scan systems for vulnerabilities using Azure Defender, Qualys, or similar tools.
• Monitor endpoints and servers using antivirus/antimalware software, ensuring definitions are up-to-date.
• Conduct log analysis using Azure Sentinel or other SIEM solutions to identify abnormal behavior and potential threats.
Compliance & Governance:
• Regularly audit systems and processes to ensure compliance with industry regulations such as HIPAA, GDPR, and NIST.
• Maintain and update the compliance framework documentation and assist with client audits.
• Partner with internal stakeholders to enforce security standards and implement necessary compliance changes.
• Conduct security assessments and gap analyses to continuously improve compliance adherence.
Risk Assessment & Management:
• Perform risk assessments for new and existing systems to identify potential vulnerabilities and threats.
• Conduct regular vulnerability assessments and track the remediation of identified issues.
• Maintain a risk register, document mitigation strategies, and report on risk levels and trends.
• Work with the IT team to apply patches, configuration changes, and other updates to minimize risks.
Security Training:
• Develop and deliver security awareness training sessions for employees, contractors, and clients.
• Create and distribute educational materials on emerging threats, phishing, and security best practices.
• Lead phishing simulation exercises and report on outcomes to identify training areas.
• Ensure that all team members understand the latest security protocols and procedures.
• Review blogs and other security marketing material for accuracy and recommend changes or updates.
Monitoring & Reporting:
• Configure and monitor alerts in Azure Security Center and Sentinel for immediate threat detection.
• Develop security dashboards and reports to communicate security metrics, incidents, and trends to management.
• Conduct weekly, monthly, and quarterly reviews of security logs and incident data to assess the effectiveness of security controls.
• Perform regular audits of logs and monitor access logs for any unauthorized access or suspicious activity.
Qualifications:
• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 3+ years of experience in information security, with a strong focus on cloud security, ideally within Microsoft Azure environments.
• Proficiency in Azure security tools, such as Azure Security Center, Sentinel, and Azure Active Directory.
• Knowledge of compliance frameworks and standards (e.g., NIST, ISO 27001, HIPAA, GDPR).
• Experience with security tools such as firewalls, IDS/IPS, SIEM, and endpoint protection.
• Strong understanding of network protocols, architecture, and secure network design.
• Excellent problem-solving skills and the ability to work both independently and in a team environment.
• Relevant security certifications (e.g., CISSP, CISM, CEH, Microsoft Certified: Azure Security Engineer Associate) are a plus.
Preferred Skills:
• Familiarity with BI and analytics security concerns, especially regarding data protection in analytics workflows.
• Experience working in or supporting Managed Service Providers (MSPs).
• Knowledge of DevSecOps practices and integration of security in CI/CD pipelines.