Information Security Engineer Lead

Job Description

Job Description

Job Summary

The Lead Security Engineer position is part of the Information Technology team, reporting directly to the Manager, Information Security. The focus of this role is to design, implement, and maintain advanced security solutions that protect the confidentiality, integrity, and availability of Cirrus digital assets. This role requires deep technical expertise in Microsoft technologies, cybersecurity engineering, and enterprise security architecture, as well as the ability to mentor Security analysts and partner with IT teams on secure system design and operations.

Duties and Responsibilities/Essential Functions

• Design, implement, and maintain enterprise security controls across Microsoft environments, including Azure, Entra ID (Azure AD), Microsoft 365, Microsoft Defender, and Windows Server platforms.
• Lead incident response activities, including investigation, containment, eradication, and recovery, as well as post-incident lessons learned.
• Analyze security events and alerts from IDS/IPS, SIEM, EDR/XDR, vulnerability scanners, and Microsoft security tools to identify and mitigate threats.
• Develop and implement security hardening baselines, patch management processes, and secure configuration standards for Microsoft platforms and hybrid environments.
• Collaborate with IT and business stakeholders to design secure solutions, ensuring security requirements are integrated into Windows, Active Directory/Entra ID, Azure, and Microsoft 365 systems.
• Conduct threat modeling and risk assessments, making recommendations for risk treatment and mitigation strategies.
• Oversee vulnerability management program, including regular assessments, prioritization, and remediation validation.
• Create strategies to mitigate risks and ensure compliance with relevant laws and regulations
• Focus on continuous improvement to stay updated on cybersecurity trends and emerging threats to enhance security measures.
• Provide mentorship and technical guidance to Information Security Analysts and IT staff.
• Assist in the development and enforcement of security policies, standards, and procedures, with specific emphasis on Microsoft platforms.
• Stay current with emerging threats, vulnerabilities, and security technologies; recommend improvements to strengthen the security posture
• Regular, reliable, and predictable attendance

Qualifications:

To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.

• Bachelor’s degree in Information Security, Computer Science, Information Systems, or equivalent combination of education and experience.
• 7+ years of progressive experience in information security, engineering, or related IT disciplines.
• Advanced knowledge of Microsoft technologies, including Azure, Entra ID (Azure AD), Office 365, Microsoft Defender suite, and Windows Server.
• Experience with SIEM, SOAR, EDR/XDR, vulnerability management, and forensic analysis tools, preferably integrated with Microsoft Sentinel and Defender.
• Strong understanding of cloud platforms (Azure, AWS, Google Cloud) and securing hybrid infrastructures.
• Relevant security certifications preferred: CISSP, CISM, OSCP, GIAC (GCIA, GCIH, GPEN), Microsoft Certified: Azure Security Engineer Associate, Microsoft 365 Security Administrator Associate, or equivalent.
• Demonstrated expertise in incident response, malware analysis, and intrusion detection.
• Proficiency with scripting/automation languages (PowerShell, Python, etc.) to enhance security operations.
• In-depth knowledge of common frameworks and standards (NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK).
• Proven ability to design and implement Zero Trust and defense-in-depth strategies.
• Applies advanced knowledge of Microsoft security technologies and enterprise platforms to solve complex challenges.
• Mentors and guides team members, builds trust, and fosters a culture of continuous improvement

Competencies

To perform the job successfully, an individual should demonstrate the following competencies:

• Manages Complexity – Asks the right questions to accurately analyze situations, acquires data from multiple and diverse sources when solving problems, uncovers root causes to difficult problems, evaluates pros and cons, risks and benefits of different solution options.
• Situational Adaptability – Picks up on situation cues and adjusts in the moment. Readily adapts personal, interpersonal, and leadership behavior. Understands that different situations may call for different approaches. Can act differently depending on the circumstance.
• Optimizes Work Processes – Identifies and creates the processes necessary to get work done, Separates and combines activities into efficient workflow, Designs processes and procedures that allow managing from a distance, Seeks ways to improve processes,
• Collaborates: Builds partnerships and works collaboratively with others to meet shared objectives.
• Organizational Savvy: Maneuvers comfortably through complex policy, process, and people-related organizational dynamics.
• Directs Work: Provides direction, delegates, and removes obstacles to get work done.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice. Work beyond 40 hours per week may be required.

Cirrus is dedicated to a drug free work environment promoting equal employment opportunity. Qualified applicants will receive consideration for employment without regard to race, sex, national origin, color, age, disability, religion, pregnancy, veteran status, marital and family status, sexual orientation, receipt of public assistance, genetic information or any other characteristic protected by applicable law.

Our Benefits: Cirrus provides a range of exciting benefits, including:

• 401(k) Plan: Dollar-for-dollar match up to 5% after 90 days, with 100% vesting.
• Employer-Paid Coverages: Group term life, short- and long-term disability insurance.
• Comprehensive Health Coverage: Medical, vision, dental, with additional dependent coverage options.
• Free Health Tracking: With rewards for meeting health goals.
• Generous PTO: 120+ hours accrued within the first year.
• Employee Referral Bonus: For referring talented candidates.
• Career Development: Tuition reimbursement and professional growth opportunities.
• Exclusive Discounts: Access to partner and marketplace discounts.
• Community & Engagement: Company and employee clubs at various locations.

These benefits are designed to support your well-being, growth, and enjoyment at Cirrus!