Position Summary

Assists in spearheading the development and enforcement of robust cybersecurity strategies, ensuring the highest level of security across all technological platforms. Leads threat prevention, detection, and remediation efforts for the organization.

Responsibilities

• Design and build robust security infrastructure that includes firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and secure network architectures. Ensure these measures are scalable and integrated seamlessly with existing systems.
• Perform regular threat assessments to identify vulnerabilities within the network and application layers. Develop and implement strategies to mitigate identified risks, including the deployment of patches, updates, and security enhancements.
• Lead the incident response team. Respond to security breaches and incidents with urgency, conduct thorough investigations to determine the root cause, and implement corrective actions to prevent future occurrences.
• Administer security tools and technologies, ensuring they are optimized to detect and prevent malicious activities. Evaluate and recommend new security solutions to enhance defense capabilities.
• Continuously monitor network traffic for unusual or suspicious activity. Use advanced network security tools to detect and block threats before they can infiltrate or damage the system.
• Work closely with the IT department and other relevant teams to ensure security measures are aligned with organizational needs. Report on security posture, incidents, and ongoing risk assessments to senior management.
  
  

Required Qualifications

• 7+ years of progressive information security experience, with 4+ years in a SOC, threat detection, or incident response role
• Deep expertise in Microsoft Security stack: Defender XDR, Defender for Endpoint (P2/E5), Defender for Identity, Microsoft Sentinel, and Log Analytics
• Strong KQL proficiency for custom analytics, threat hunting, and workbook development
• Hands-on experience with Entra ID / Azure AD, hybrid AD environments, and M365 security administration
• Demonstrated experience leading incident response engagements from detection through post-incident reporting
• Working knowledge of MITRE ATT&CK and its practical application to detection engineering
• Familiarity with HIPAA Security Rule requirements and healthcare security operations context
• Strong written communication skills; ability to produce clear incident reports and executive summaries
  
  

Preferred Qualifications

• Experience in a multi-org, multi-domain M365 tenant environment
• Hands-on experience with Logic Apps / Azure Automation for SOAR playbooks
• Familiarity with SentinelOne, Mimecast, Netwrix Auditor, or similar tooling in the NOR stack
• Experience working alongside DFIR retainer providers (e.g., Kroll, Mandiant) during major incidents
• Relevant certifications: MS-500, SC-200, SC-300, GCIH, GCFA, GDAT, CISSP, or equivalent
• Healthcare vertical experience (hospitals, health systems, or covered entities under HIPAA)
• Experience with BloodHound CE, Impacket, or similar AD security audit tooling

Pay Rate: Min - $145,000 l Max - $145,000

Job Listing ID: 1790308