Software Finder

Senior Security Engineer

Software Finder · 201 District, Virginia, United States

IT Services and IT Consulting · 201-500 employees

2 d ago
Senior (5-10 yrs) Full-time United States
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Design and implement enterprise security solutions across cloud and on-premises environments to protect business systems and data. Lead incident response, manage identity and access management, and ensure compliance with security frameworks.

What they look for

Cybersecurity Architecture Next-Generation Firewalls Zero Trust Architecture Incident Response Identity and Access Management Vulnerability Assessment Microsoft Entra ID SIEM Cloud Security Network Segmentation EDR/XDR Compliance Frameworks PowerShell Python Bash Security Hardening

Requirements

Requires a Bachelor's degree in a related field and over 5 years of hands-on experience in cybersecurity engineering. Must have strong expertise in enterprise security technologies, cloud platforms, and identity management solutions.

Full description

Job Overview

Software Finder is seeking an experienced Senior Security Engineer to strengthen and safeguard our enterprise technology environment. This role is responsible for designing, implementing, and continuously improving the organization's cybersecurity architecture across on-premises and cloud environments. The ideal candidate will play a critical role in protecting business systems, applications, networks, and data while ensuring compliance with security frameworks and industry best practices.

The successful candidate will lead security initiatives, manage enterprise security technologies, support incident response, enhance identity and access management, and collaborate closely with Infrastructure, Cloud, DevOps, and Product teams to embed security throughout the organization. This position requires a proactive security professional with strong technical expertise, analytical thinking, and leadership capabilities.

Key Responsibilities

  • Design, implement, and maintain enterprise security solutions across cloud and on-premises environments.
  • Manage and optimize security technologies including Next-Generation Firewalls (NGFW), VPNs, IDS/IPS, Web Application Firewalls (WAF), Endpoint Detection & Response (EDR/XDR), and secure network segmentation.
  • Implement Zero Trust security principles and secure remote access solutions across the organization.
  • Develop and enforce security hardening standards for servers, endpoints, cloud infrastructure, and network devices.
  • Monitor, investigate, and respond to security incidents, coordinating containment, eradication, recovery, and post-incident analysis.
  • Create and maintain incident response playbooks, security procedures, and technical documentation.
  • Manage Identity and Access Management (IAM) solutions including Microsoft Entra ID (Azure AD), Multi-Factor Authentication (MFA), Single Sign-On (SSO), Conditional Access, Privileged Identity Management (PIM), and identity governance.
  • Perform vulnerability assessments, security reviews, and risk analysis, ensuring timely remediation of identified issues.
  • Support compliance initiatives by assisting with security audits and implementing controls aligned with ISO 27001, SOC 2, NIST Cybersecurity Framework, CIS Controls, and other applicable standards.
  • Collaborate with Infrastructure, Cloud, DevOps, Engineering, and Product teams to integrate security into systems, applications, and projects.
  • Manage and optimize Security Information and Event Management (SIEM) platforms, endpoint protection solutions, and security automation tools.
  • Evaluate emerging cybersecurity threats and recommend proactive improvements to strengthen the organization's security posture.
  • Mentor junior security engineers, promote security awareness, and provide technical guidance across teams.
  • Develop security policies, standards, and best practices to ensure continuous improvement of cybersecurity operations.
  • Prepare security reports, dashboards, and recommendations for technical and business stakeholders.

Requirements

  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, Information Technology, or a related field.
  • 5+ years of hands-on experience in cybersecurity, security engineering, or information security roles.
  • Strong expertise in enterprise security technologies including NGFW, IDS/IPS, VPN, WAF, EDR/XDR, SIEM, and endpoint security.
  • Experience securing cloud platforms such as Microsoft Azure, AWS, or Google Cloud Platform.
  • Hands-on experience with Microsoft Entra ID (Azure AD), Identity & Access Management (IAM), MFA, SSO, Conditional Access, and Privileged Identity Management (PIM).
  • Strong understanding of Zero Trust Architecture, network security, and infrastructure hardening.
  • Experience in security monitoring, incident response, threat detection, and forensic investigation.
  • Familiarity with vulnerability management tools and security assessment methodologies.
  • Working knowledge of compliance frameworks including ISO 27001, SOC 2, NIST Cybersecurity Framework, and CIS Controls.
  • Experience with scripting or automation using PowerShell, Python, or Bash is an advantage.
  • Strong analytical, troubleshooting, and problem-solving skills.
  • Excellent communication, stakeholder management, and documentation skills.
  • Ability to manage multiple priorities in a fast-paced environment.

Preferred Skills

  • Professional certifications such as CISSP, CISM, CEH, CompTIA Security+, Microsoft Security Certifications (SC-200, SC-300, AZ-500), CCSP, or GIAC.
  • Experience with Security Orchestration, Automation and Response (SOAR) platforms.
  • Knowledge of DevSecOps practices and Secure Software Development Lifecycle (SSDLC).
  • Experience securing containerized environments, Kubernetes, and cloud-native applications.
  • Familiarity with penetration testing methodologies and threat intelligence platforms.
  • Strong understanding of security architecture, risk management, and governance.
  • Experience mentoring technical teams and leading enterprise security initiatives.
  • Passion for continuous learning and staying up to date with emerging cybersecurity threats, technologies, and industry best practices.

Location: Lahore, Pakistan Work Mode: On-site Working Hours: Monday – Friday | 10:00 AM – 7:00 PM (PKT)