The Opportunity We're seeking a hands-on Infrastructure Security Platform Engineer to own and enhance our core security technologies. This role is responsible for the engineering, administration, and continuous improvement of platforms such as SASE remote access, firewalls, DLP, CASB, Microsoft Purview, web filtering, and email security.
As part of the Infrastructure & Operations team, you'll play a critical role in ensuring our environment is securely configured - reviewing changes before deployment, conducting audits, and partnering closely with Security and IT teams to enforce standards and strengthen our overall security posture.
What You'll Be DoingOwn & Engineer Security Platforms - Act as technical owner for core security tools, including SASE, firewalls, DLP/CASB, web filtering, Microsoft Purview, and email security
- Design, implement, and optimize policies (TLS inspection, DLP, URL filtering, email controls)
- Drive platform enhancements through research, testing, and vendor collaboration
Ensure Secure Configuration & Governance - Review infrastructure and application changes pre-deployment to ensure alignment with security standards
- Conduct regular configuration audits across network, cloud, endpoint, and identity platforms
- Maintain configuration baselines, audit frameworks, and operational runbooks
Support Operations & Change Management - Evaluate and approve security-related change requests in core platforms
- Troubleshoot platform issues and partner with vendors to resolve incidents
- Respond to alerts, support investigations, and participate in on-call rotations
Collaborate Across Teams - Partner with Security, Infrastructure, and IT Services teams to enforce standards and improve operations
- Enable scalable support through strong documentation and knowledge transfer
- Contribute to security services that support customer-facing MSP engagements
Strengthen Risk & Compliance - Support regulatory compliance efforts (NIST, FFIEC, HIPAA, PCI, etc.)
- Track risks, audit findings, and remediation activities for managed platforms
- Maintain security policies and procedures to align with regulatory requirements and risk appetite
What You'll Bring to the Table - Bachelor's degree in computer science, information technology, or a related field, or an equivalent combination of education and experience sufficient to perform the essential functions of the job
- 3-5 years of experience in security or infrastructure engineering
- Hands-on experience with network security platforms (SASE, firewalls, DLP, web/email security)
- Familiarity with Microsoft security tools (Purview, Sentinel, Defender, Conditional Access) or similar platforms
- Experience reviewing configurations or performing security audits preferred
- Strong documentation and cross-team collaboration skills
Preferred Certifications: CISSP, Microsoft Security, Check Point, or SASE-related certifications How You'll Be Rewarded All SunStream employees receive a competitive salary and bonus package. Eligible employees also enjoy access to an industry-leading benefits program, including but not limited to:
- Comprehensive medical, dental and vision insurance
- Tax-advantaged healthcare accounts
- 401(k) plan with generous employer match
- Income protection benefits
- Individual learning & development budget
- Robust time off plans and workplace flexibility
