Security Engineer

• Vulnerability & Framework Assessment Responsibilities: schedule, run, and interpret vulnerability scans using Tenable or Qualys; track and report on remediation progress in collaboration with client IT teams; readiness assessments for SOC 2, ISO 27001, and NIST CSF; map client controls to framework requirements and identify gaps
• Client Leadership & Delivery: end-to-end delivery for security engagements (e.g., M365 hardening, Sentinel deployments, MDR onboarding, external/internal assessments). Translate business risk into technical requirements; create architectures, roadmaps, and prioritized remediation plans. Facilitate client workshops, runbooks, and executive readouts; produce clear, actionable deliverables and presentations. Coordinate cross-functional teams; track scope, risks, issues, and dependencies; ensure on-time, on-budget delivery.
• Identity & Access Management: Design and implement secure identity architectures in Microsoft Entra ID (Azure AD), including tenant configuration baselines. Engineer Conditional Access policies, MFA, passwordless, risk-based access (Identity Protection), and step-up authentication. Establish role-based access control (RBAC), Privileged Identity Management (PIM), Just-In-Time (JIT) access, and access reviews. Build joiner/mover/leaver lifecycle processes; integrate HRIS/IDaaS; govern external/guest access and B2B collaboration. Harden identities for hybrid environments (Entra Connect/Cloud Sync), legacy protocols, service principals, and workload identities.
• Microsoft Cloud Security (Azure & M365): Deploy and tune Microsoft Sentinel (data connectors, analytics rules, UEBA, workbooks, automation rules, hunting queries). Implement Defender for Cloud and Microsoft 365 Defender (Endpoint, Identity, Office 365, Cloud Apps) with secure configurations. Design secure landing zones (network segmentation, Private Link, Key Vault, managed identities, logging/monitoring). Apply Zero Trust principles across identity, device, network, apps, and data; document security baselines and exceptions. Integrate third-party controls (e.g., CrowdStrike) with Microsoft security for holistic detection and response.
• Engineering & Automation (Powershell/Devops): Develop robust PowerShell tooling and modules to automate Entra ID, Exchange Online, Defender, Intune, and Graph API workflows. Create automation runbooks (e.g., Azure Automation, Functions) for repetitive administrative and incident response tasks. Use KQL for analytics and threat hunting; build reusable dashboards and reports. Follow secure coding standards, version control (Git), and CI/CD practices for infrastructure-as-code where applicable.
• Detection, Response & Vulnerability Management: Triage and investigate alerts; lead incident response playbooks, root-cause analysis, and containment/remediation guidance. Correlate telemetry across Sentinel, Microsoft 365 Defender, and endpoint tools; develop custom detections and enrichments. Coordinate vulnerability scanning/validation and remediation with client teams; communicate risk and business impact. Prepare client-ready IT deliverables. Help design visually compelling and insightful IT presentations and reports, translating complex technical data into clear, actionable insights for clients
• Governance, Risk & Compliance (GRC): Map controls to frameworks (NIST CSF/800-53, ISO 27001, SOC 2); document policies/standards and exceptions. Support audit readiness and evidence collection; drive continuous improvement with measurable KPIs.
• Knowledge Sharing & Practice Development: Mentor analysts; perform peer reviews; contribute playbooks, templates, and accelerators. Assist pre-sales with scoping, level-of-effort, and solution narratives; participate in client demos and POCs.
• Maintain high level of billable time

Consultant, Cybersecurity

Senior Director, Cybersecurity Governance, Risk, and Compliance

Security Installer V

Senior AI/ML Engineer, Applied Machine Learning – Security Clearance

Principal Cybersecurity

Business Information Security Officer – Consumer and Wealth Management