BerryDunn is a client-centered, people-first professional services firm that provides assurance, tax, and consulting services. They are seeking a Senior Security Engineer II to enhance the organization’s security posture and manage Microsoft security solutions while ensuring compliance with regulatory standards.
Responsibilities:
- Implement and Manage Cloud Security Controls: Apply cloud security best practices across corporate and cloud environments (preferably Microsoft Azure) to monitor, maintain, and continuously improve enterprise security posture
- Framework Alignment & Compliance: Ensure alignment with industry-standard security frameworks and regulatory requirements (e.g., ISO/IEC 27001, NIST, HIPAA, SOC 2, AICPA Trust Services Criteria)
- Data Governance & Compliance Tools: Design, deploy, and maintain Microsoft Purview features including data cataloging, classification, lineage, and compliance policies
- Identity and Access Management: Administer and optimize identity management and access control systems, including Microsoft Entra ID (Azure AD), to ensure secure authentication and authorization
- Incident Response: Support the development, execution, and continuous improvement of incident response procedures, including active participation during security incidents
- Policy/Standard/Procedure Development: Create, update, and enforce security policies, standards, and procedures aligned with organizational goals and compliance requirements
- Security Architecture Collaboration: Work closely with IT and architecture teams to embed security controls into system and application design
- Security Tooling & Technology Evaluation: Research, recommend, and assist in the implementation of modern security technologies and solutions to enhance defenses
- Network and Protocol Security: Leverage knowledge of networking fundamentals and security protocols to ensure proper segmentation, encryption, and protection of corporate assets
- Application Security Participation: Support application security initiatives including secure development practices, vulnerability management, and remediation workflows
- Cloud Defense Platforms: Administer Microsoft Defender for Cloud and other cloud-native security tools to detect and respond to threats
- Perform other security-related tasks and initiatives as required in support of evolving organizational needs and technology initiatives
- Actively contribute to cross-functional projects involving information security, privacy, risk, and compliance
Requirements:
- Strong technical expertise in O365, Microsoft 365 Purview, Microsoft Purview in Azure, Microsoft Defender, and Entra
- Understanding of security within on-premises infrastructure using VMware and Azure Hybrid environments
- Proven experience designing, deploying, and managing Microsoft Purview environments
- Deep understanding of ISO 27001, NIST CSF, HIPAA, AICPA, and SOC 2 frameworks, including associated Privacy and Security Rules
- Hands-on experience implementing technical safeguards to meet HIPAA and other regulatory requirements
- Solid knowledge of cloud security best practices and identity/access management principles
- Proficiency in data classification, labeling, and Data Loss Prevention (DLP) strategies
- Strong communication, collaboration, documentation, and problem-solving skills
- Ability to work both independently and collaboratively within cross-functional teams
- Bachelor's degree in Computer Science, Information/Cyber Security, or a related field (or equivalent professional experience)
- 7+ years of experience in cybersecurity, including at least 2 years in enterprise environments
- Strong expertise in network, system, and cloud security
- Industry certifications such as CISSP, CISM, CEH, or GIAC
- Cloud-specific security certifications (e.g., Microsoft Azure, Microsoft Purview, AWS Certified Security)
- Experience in cybersecurity vendor environments
- Proficiency with Microsoft Records Management and/or Information Governance processes
- Advanced knowledge of cloud security, particularly with Azure and GCP; experience with other data catalog and governance tools (e.g., Collibra, Alation, Informatica)
- Client-facing consulting experience in compliance, data governance, and regulatory alignment