The Senior Cybersecurity Engineer designs implements and maintains security controls to protect Altermans information assets. This role leads security engineering initiatives supports advanced threat detection and response mentors security staff and serves as an escalation point for complex security issues. The Senior Cybersecurity Engineer partners with technology teams to embed security into systems and processes. Documentation is central to this role; the Senior Cybersecurity Engineer is expected to thoroughly document all security processes procedures configurations decisions and operational activities.
Essential Functions:
1. Security Engineering & Architecture: 25%
Designs implements and integrates security solutions including SIEM EDR DLP and network security technologies for systems applications and infrastructure.
Develops maintains and enforces security architecture documentation standards and automation for security operations and incident response.
Evaluates and recommends security tools and technologies.
Conducts security assessments and penetration testing.
2. Threat Detection & Response: 20%
Leads advanced threat hunting detection and response activities including the development and tuning of detection rules alerts and correlation logic.
Performs root cause analysis and leads incident response activities for complex security events.
Develops and maintains incident response playbooks and procedures.
Coordinates with external parties including vendors and law enforcement during incidents.
3. Access Controls & Identity Management: 15%
Designs implements and manages enterprise IAM solutions including directory services SSO MFA PAM and hybrid identity environments.
Develops enforces and governs access controls including conditional access policies RBAC models and access certifications.
Manages Active Directory Entra ID and hybrid identity configurations.
Administers single sign-on (SSO) and federation services.
Manages privileged access management (PAM) solutions and policies.
Partners with HR and business units on joiner mover and leaver processes.
Troubleshoots complex authentication and authorization issues.
4. Compliance & Documentation: 15%
Supports compliance with regulatory requirements and industry standards (CMMC SOC 2 NIST) by maintaining documentation evidence and audit artifacts.
Coordinates audit activities including evidence collection and interviews.
Supports risk management activities including enterprise risk assessments vendor risk reviews and maintenance of the risk register.
Develops and maintains security policies standards and procedures.
Monitors policy compliance and manages exceptions.
Supports security awareness program activities and phishing simulations.
Tracks and reports on compliance and risk metrics.
Management: 10%
Leads vulnerability management activities including scanning assessment prioritization remediation tracking and reporting of vulnerability metrics and trends.
Partners with IT teams to ensure timely patching and remediation.
6. Mentorship & Collaboration: 10%
Provides mentorship technical guidance and training to Cybersecurity Engineers and other IT staff.
Partners with Infrastructure Applications and Service Desk teams on security matters.
Serves as an escalation point for complex security issues.
7. Performs other duties as assigned. 5%
Education and Experience:
Minimum of 5-7 years of experience in cybersecurity security engineering identity management or related IT roles required; OR minimum of 7 years of progressive IT experience with security focus.
Pervious experience with maintaining and troubleshoot all of MS Ecosystem applications(Azure Microsoft Defender Entra ID/Azure AD Microsoft 365 Intune Sentinel etc.)
Bachelors degree in Computer Science Information Security Information Technology or related field preferred; equivalent combination of education and experience will be considered.
Security-related certifications required (e.g. CompTIA Security CySA CEH or GIAC certifications); senior-level certifications such as CISSP or CISM preferred.
Additional certifications preferred (e.g. Microsoft Identity SC-900/SC-300 CRISC CISA CGRC).
Familiarity with compliance frameworks required (NIST ISO 27001 SOC 2 CMMC).
Skills/Abilities:
Expert communication skills with the ability to explain complex security concepts to technical and non-technical audiences and translate technical risk into business-impact language.
Strong analytical and problem-solving skills.
Demonstrated ability to mentor and coach technical staff.
Able to perform effectively under pressure during active security incidents and participate in on-call and after-hours response activities as required.
Strong ability to develop and maintain security automation and scripting (e.g. Python PowerShell Bash).
Deep understanding of attack techniques threat actors defensive strategies and modern threat detection methods.
Deep understanding of authentication and identity protocols (e.g. SAML OAuth OIDC Kerberos).
Strong technical writing skills for developing policies standards procedures and compliance documentation.
Able to plan coordinate and execute security initiatives using effective organizational and project management skills.
Strong ability to work with enterprise security technologies (e.g. SIEM EDR network and cloud security controls vulnerability management tools penetration testing platforms threat intelligence solutions security orchestration and automation).
Strong ability to work with identity and access management technologies (e.g. Active Directory Entra ID SSO MFA PAM identity governance platforms zero trust architectures).
Familiarity with governance risk and compliance platforms and tools (e.g. GRC systems security awareness platforms documentation and workflow tools).
Work Environment:
Office environment.
May require occasional evening or weekend work for critical updates or incident response.
Physical Demands:
Prolonged periods of sitting at a desk and working on a computer.
Must be able to lift up to 15 pounds at times.
Manual dexterity associated with computer data entry required.
Required Experience:
Senior IC
Overview:The Senior Cybersecurity Engineer designs implements and maintains security controls to protect Altermans information assets. This role leads security engineering initiatives supports advanced threat detection and response mentors security staff and serves as an escalation point for complex...
Overview:
The Senior Cybersecurity Engineer designs implements and maintains security controls to protect Altermans information assets. This role leads security engineering initiatives supports advanced threat detection and response mentors security staff and serves as an escalation point for complex security issues. The Senior Cybersecurity Engineer partners with technology teams to embed security into systems and processes. Documentation is central to this role; the Senior Cybersecurity Engineer is expected to thoroughly document all security processes procedures configurations decisions and operational activities.
Essential Functions:
1. Security Engineering & Architecture: 25%
Designs implements and integrates security solutions including SIEM EDR DLP and network security technologies for systems applications and infrastructure.
Develops maintains and enforces security architecture documentation standards and automation for security operations and incident response.
Evaluates and recommends security tools and technologies.
Conducts security assessments and penetration testing.
2. Threat Detection & Response: 20%
Leads advanced threat hunting detection and response activities including the development and tuning of detection rules alerts and correlation logic.
Performs root cause analysis and leads incident response activities for complex security events.
Develops and maintains incident response playbooks and procedures.
Coordinates with external parties including vendors and law enforcement during incidents.
3. Access Controls & Identity Management: 15%
Designs implements and manages enterprise IAM solutions including directory services SSO MFA PAM and hybrid identity environments.
Develops enforces and governs access controls including conditional access policies RBAC models and access certifications.
Manages Active Directory Entra ID and hybrid identity configurations.
Administers single sign-on (SSO) and federation services.
Manages privileged access management (PAM) solutions and policies.
Partners with HR and business units on joiner mover and leaver processes.
Troubleshoots complex authentication and authorization issues.
4. Compliance & Documentation: 15%
Supports compliance with regulatory requirements and industry standards (CMMC SOC 2 NIST) by maintaining documentation evidence and audit artifacts.
Coordinates audit activities including evidence collection and interviews.
Supports risk management activities including enterprise risk assessments vendor risk reviews and maintenance of the risk register.
Develops and maintains security policies standards and procedures.
Monitors policy compliance and manages exceptions.
Supports security awareness program activities and phishing simulations.
Tracks and reports on compliance and risk metrics.
Management: 10%
Leads vulnerability management activities including scanning assessment prioritization remediation tracking and reporting of vulnerability metrics and trends.
Partners with IT teams to ensure timely patching and remediation.
6. Mentorship & Collaboration: 10%
Provides mentorship technical guidance and training to Cybersecurity Engineers and other IT staff.
Partners with Infrastructure Applications and Service Desk teams on security matters.
Serves as an escalation point for complex security issues.
7. Performs other duties as assigned. 5%
Education and Experience:
Minimum of 5-7 years of experience in cybersecurity security engineering identity management or related IT roles required; OR minimum of 7 years of progressive IT experience with security focus.
Pervious experience with maintaining and troubleshoot all of MS Ecosystem applications(Azure Microsoft Defender Entra ID/Azure AD Microsoft 365 Intune Sentinel etc.)
Bachelors degree in Computer Science Information Security Information Technology or related field preferred; equivalent combination of education and experience will be considered.
Security-related certifications required (e.g. CompTIA Security CySA CEH or GIAC certifications); senior-level certifications such as CISSP or CISM preferred.
Additional certifications preferred (e.g. Microsoft Identity SC-900/SC-300 CRISC CISA CGRC).
Familiarity with compliance frameworks required (NIST ISO 27001 SOC 2 CMMC).
Skills/Abilities:
Expert communication skills with the ability to explain complex security concepts to technical and non-technical audiences and translate technical risk into business-impact language.
Strong analytical and problem-solving skills.
Demonstrated ability to mentor and coach technical staff.
Able to perform effectively under pressure during active security incidents and participate in on-call and after-hours response activities as required.
Strong ability to develop and maintain security automation and scripting (e.g. Python PowerShell Bash).
Deep understanding of attack techniques threat actors defensive strategies and modern threat detection methods.
Deep understanding of authentication and identity protocols (e.g. SAML OAuth OIDC Kerberos).
Strong technical writing skills for developing policies standards procedures and compliance documentation.
Able to plan coordinate and execute security initiatives using effective organizational and project management skills.
Strong ability to work with enterprise security technologies (e.g. SIEM EDR network and cloud security controls vulnerability management tools penetration testing platforms threat intelligence solutions security orchestration and automation).
Strong ability to work with identity and access management technologies (e.g. Active Directory Entra ID SSO MFA PAM identity governance platforms zero trust architectures).
Familiarity with governance risk and compliance platforms and tools (e.g. GRC systems security awareness platforms documentation and workflow tools).
Work Environment:
Office environment.
May require occasional evening or weekend work for critical updates or incident response.
Physical Demands:
Prolonged periods of sitting at a desk and working on a computer.
Must be able to lift up to 15 pounds at times.
Manual dexterity associated with computer data entry required.