Ardent MillsRemote
Senior Security Engineer
District of Columbia, United States of America
Full Time
1 month ago
$140,000 - $200,000 USD
Visa Sponsor
Key skills
AWSAzureCloudPythonPowerShellData EngineeringLeadershipNetwork SecurityCloud SecurityFirewall
About this role
Role Overview
- Own detection engineering: SIEM use-cases, data pipelines, parsers, enrichment, and tuning to reduce false positives
- Lead threat hunting and purple-team exercises; drive control improvements based on TTPs (ATT&CK)
- Architect endpoint and email security baselines; optimize EDR/XDR policies and response automation
- Implement and optimize Data Loss Prevention (DLP) technical controls and integrations in alignment with enterprise data protection requirements
- Guide vulnerability management strategy (risk-based prioritization, exploitability analysis, compensating controls)
- Design partner in network security architectures (micro-segmentation, firewall policies, NDR) and secure remote access (SASE/ZTNA)
- Provide key insights for cloud workload protection (CSPM/CWPP/CIEM) and secure identity governance integrations
- Perform root-cause analysis and forensics coordination, document findings and corrective actions
- Mentor engineers; set coding and automation standards for security tooling and integrations
- Drive technology selection, POCs, and reference implementations; maintain technical roadmaps
- Track and improve detection quality metrics (e.g., false positives, coverage, MTTR)
- Represent security in architecture boards and major program decisions
- Develop and maintain security automation and response playbooks in partnership with SOC/MDR providers to improve detection and response efficiency
- Familiarity with OT/ICS security considerations in manufacturing environments
- Partner with SOC/MDR provider to continuously improve detection coverage and tuning
Requirements
- Bachelor’s degree in computer science, Engineering, or related field (or equivalent experience)
- 7-10 years in security engineering/operations with demonstrated leadership in complex environments
- Expertise in SIEM/XDR (e.g., Microsoft Sentinel, Defender XDR), network security, identity security, and cloud security platforms
- Experience working with SOC/MDR providers in a co-managed security model
- Experience working in hybrid environments spanning on-premises and Azure cloud
- Strong automation and scripting (Python/PowerShell); familiarity with data engineering for security telemetry
- Certifications: CISSP; OSCP or equivalent offensive credential; GIAC (GCIA/GCED/GREM) or similar advanced certs; CCSP
- Good to have: Experience leading red/purple team programs and building detection-as-code
- Certifications: SANS/GIAC GSE, AWS/Azure professional-level security certifications
Tech Stack
- AWS
- Azure
- Cloud
- Python
Benefits
- Medical, Dental and Vision Coverage
- Health and Dependent Savings Accounts
- Life and Disability Programs
- Voluntary Benefit Programs
- Company Sponsored Wellness Programs
- Retirement Savings with Company Match
- Team Member and Family Assistance Program (EAP)
- Paid Time Off and Paid Holidays
- Employee Recognition Program with Rewards (RAVE)