What does success look like?

• Deliver reliable, secure, and compliant infrastructure that enables rapid and safe product development.
• Strong security posture integrated into all Cloud and DevOps workflows.
• Clear processes, documentation, and governance supporting regulatory audits with confidence.

As a Senior Security Engineer, you will play a crucial role protecting our digital assets through the deployment, management, and optimization of security technologies, including but not limited to Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP) and email security.  The ideal candidate will manage vulnerability and threat programs, lead incident response efforts, and have strong technical skills in threat detection and security operations. This role collaborates closely with business leaders, product teams, engineers, and other stakeholders to create value for everyone.

The base salary range for this position is $99,937-$157,043

Actual pay will be determined based upon a candidate’s job-related knowledge, skills, education, experience, geographic location, and may include other job-related factors such as certification(s), professional licensure, or internal equity considerations.

• Deploy and manage EDR solutions across enterprise endpoints including workstations, servers, and mobile devices.
• Administer SIEM platform including log source onboarding, parsing, and correlation rule development.
• Create dashboards and reports for security metrics, compliance, and executive visibility.
• Serve as escalation point for security incidents following established procedures.
• Develop and maintain incident response playbooks for common attack scenarios.
• Participate in tabletop exercises and conduct post-incident reviews to improve security posture.
• Establish and maintain a continuous vulnerability management program.
• Monitor threat intelligence sources for emerging threats, exploit activity, and vulnerabilities affecting the organization.
• Integrate vulnerability data with SIEM and EDR for enhanced threat correlation.
• Stay current with emerging threats, attack techniques, and security technologies.
• Investigate and respond to reported phishing emails and business email compromise (BEC) attempts.
• Create and tune DLP policies to prevent unauthorized data exfiltration while minimizing false positives.
• Collaborate with business units to understand data flows and implement appropriate DLP controls.
• Conduct training sessions on security best practices.
• Stay up to date on the latest IT trends and technologies.

• Bachelor’s or Master’s degree in computer science, Information Security, Cybersecurity, or related fields.  Equivalent work experience may be considered in lieu of a degree.
• 5+ years of progressive experience in Cyber Security Engineering.
• Experience conducting incident response investigations and forensic analysis.
• Have a track record of managing security incidents from detection through resolution.
• Experience securing AWS or Azure environments, including container orchestration (Kubernetes).
• Understand security frameworks (NIST CSF, CIS Controls, ISO 27001, MITRE ATT&CK).
• Knowledgeable of compliance requirements (PCI DSS, HIPAA, SOX, GDPR) as applicable.
• Experience operating in highly regulated environments, ideally medical devices (ISO 13485, IEC 62304) or similarly regulated fields.
• Strong understanding of secure software development practices and Cloud security.
• Strong incident response, reliability engineering, and operational excellence mindset.
• Scripting skills for automation of administrative and security processes.
• Comfortable with virtualization and containerization technologies.
• Understanding of software development life cycle (SDLC) and Agile methodologies.
• Experience working in a SaaS-based product development organization or FDA-regulated medical device environment desired.
• Microsoft, Cloud, and Security certifications are a plus.

Working Conditions

• Flexible work hours in a fun collaborative environment.
• Working remote requires a reliable internet connection.
• Must have the ability to travel, as needed for company meetings.