Sr Systems Security Engineer

Client Name: Ralph Clark Associates (RCA)
End Client Name: Starrett Industries

Job Title: Sr Systems / Security Engineer
Location: Athol MA (Within 1 2 hours only)
Work Type: Hybrid
Job Type: Contract (3 6 months potential to go Full-Time)
Rate: $55 $60/hr W2

Notes:

• USC or GC ONLY
• Must live within 1 2 hours of Athol MA
• Contract 3 6 months with potential for permanent hire
• Video interview process
• Start Date: ASAP

Senior Systems & Security Engineer

Contract-to-Hire Hybrid Central Massachusetts preferred 40 hrs./week

AT A GLANCE

Engagement Type: Contract (3 6 months) with strong potential to convert to full-time

Schedule: 40 hours per week standard business hours (occasional off-hours incident response)

Location: Hybrid; preference for candidates within 1 3 hours of Central Massachusetts. On-site presence required during initial onboarding phase; remote flexibility increases as role matures

Compensation: Competitive; commensurate with experience

OVERVIEW

We are seeking a seasoned Senior Systems & Security Engineer to fill a high-impact dual role at a well-established global manufacturing organization. This is not a purely theoretical or advisory position - you will be hands-on managing day-to-day security operations while also administering and advancing a modern Microsoft 365 environment across multiple global sites.

The ideal candidate is equally at home managing Microsoft Active Directory Entra ID and the M365 platform as they are running day-to-day security operations: patch management vulnerability management and recurring control reviews. You will work directly with IT leadership and a virtual CISO (vCISO) to mature the organizations security posture while keeping systems secure and running efficiently.

This engagement is designed as a contract-to-hire opportunity. The organization wants to build a long-term relationship with the right person. Candidates open to full-time conversion are strongly encouraged to apply.

WHAT YOULL DO

Security Operations (Day-to-Day)

Serve as the primary security operations resource across the organizations global sites and divisions

Own and execute patch management asset management vulnerability scanning and recurring security control reviews

Manage and monitor security tooling (firewalls IDS/IPS endpoint protection SIEM) and coordinate with managed security partners

Deploy and manage security tool agents across the environment

Conduct access control reviews and ensure consistent enforcement of least privilege principles

Administer the security awareness and training program; ensure all end users receive regular relevant training

Coordinate security integration across IT and business functions ensuring security is embedded in operations - not bolted on

Systems Administration & M365 Engineering

Administer and optimize Microsoft M365 services including Exchange Online Teams SharePoint OneDrive and Intune

Manage identity infrastructure: Active Directory Azure AD / Entra ID Conditional Access policies PIM and MFA

Plan and lead migration projects from legacy or third-party platforms to Microsoft M365

Develop and maintain PowerShell automation scripts for administration provisioning and reporting

Troubleshoot complex M365 issues; provide root-cause analysis and lasting fixes

Create and maintain clear documentation for system configurations change procedures and runbooks

Mentor junior IT staff on M365 administration and security best practices

Security Governance & Compliance

Under the direction of the CIO and vCISO establish track and report on security KPIs and metrics

Participate in ongoing security governance activities including regular leadership briefings

Maintain documentation for security policies procedures and protocols

Ensure consistent security practices across all company locations and divisions

Support compliance requirements including data protection and applicable regulatory frameworks

Incident Response & Recovery

Lead response efforts during security incidents - containment eradication and recovery

Conduct post-incident analysis; identify root causes and implement preventive measures

Maintain an up-to-date incident response plan; ensure team members understand their roles

Conduct regular risk assessments and vulnerability analyses to proactively surface and mitigate threats

Threat Intelligence

Monitor threat intelligence feeds; stay current on emerging cybersecurity threats and vulnerabilities

Translate threat intelligence into actionable recommendations that improve security posture

Collaborate with external partners (cybersecurity firms ISACs relevant government agencies) to share intelligence and best practices

WHAT WE ARE LOOKING FOR

Required

5 years of experience in systems engineering and/or information security operations with demonstrated depth in both disciplines

Hands-on expertise with Microsoft M365 platform administration - Exchange Online Teams SharePoint OneDrive Intune

Experience migrating and integrating with M365 including tenant-to-tenant and other platforms to M365.

Strong command of identity and access management: Active Directory Entra ID Conditional Access PIM MFA SSO

Proficiency in PowerShell scripting for automation reporting and M365 administration

Experience with core security operations: patch management vulnerability management SIEM monitoring endpoint protection

Solid networking fundamentals: DNS DHCP SSL/TLS firewall concepts

Ability to manage multiple concurrent priorities in a fast-paced multi-site environment

Strong communicator - able to translate technical risk into plain language for non-technical stakeholders

Preferred

Experience in a manufacturing industrial or multi-site enterprise environment

Familiarity with Microsoft Defender suite (Defender for Endpoint Defender for Identity Defender for Office 365)

Experience with Microsoft Purview DLP policies and Secure Score management

Exposure to hybrid environments (on-prem AD Azure / Entra ID)

Knowledge of GDPR and other applicable data protection regulations

Bachelors degree in Information Security Computer Science or related field (or equivalent practical experience)

Relevant Certifications (any of the following valued)

Microsoft: MS-500 (M365 Security Administrator) SC-300 (Identity & Access Administrator) AZ-500 (Azure Security Engineer)

Security: CISSP CISM CompTIA Security CEH

WORKING CONDITIONS

Hybrid role; onsite presence at Central Massachusetts HQ required during initial onboarding (frequency tapers as role establishes)

Candidates located within a 1 to 3 hour drive of Central Massachusetts are strongly preferred; fully remote candidates in the Northeast may be considered

Standard hours: 8 AM 5 PM; must be available for after-hours response to security incidents when needed

Occasional travel for team coordination vendor engagement or professional development

WHY CONSIDER THIS ROLE

Direct impact: You will be part of a small team and will have the opportunity to work across several platforms with different technologies.

Established organization with a 140 year track record - stable business with global reach

Clear path to full-time conversion for the right candidate

Work alongside experienced IT leadership and a vCISO who will invest in your success

An environment where the work you put in is visible and valued