Senior Security Engineer strengthening security at fintech startup Flanks, focusing on security initiatives and practices across applications and infrastructure.
About the role
- Security Engineer at Cortavo responsible for designing and implementing security across internal platforms and customer environments. Collaborating with teams to manage incidents and security operations.
Responsibilities
- Serve as primary escalation point for all security-related tickets from Service Delivery
- Own critical compromising or breached incidents end-to-end
- Conduct comprehensive After Action Reviews (AARs) and Root Cause Analyses (RCAs) for all security-related incidents
- Perform security and risk assessments for customer-facing networks
- Manage security tool ecosystem including Inky email protection tuning
- Conduct proactive client security reviews
- Lead Security Gap Assessments for customers
- Review Security Scores in Microsoft 365 and actively apply recommendations
- Drive security hardening initiatives including Conditional Access refinements
- Collaborate with Engineering Manager on Cortavo’s core internal infrastructure
- Work with Product Engineer and leadership to evaluate security tech stack
- Identify security gaps in tooling and processes
- Develop tech solutions and products ready to roll out for new Cortavo services
- Serve as the Accountable party in the RACI model to oversee security vulnerability scanning tools
Requirements
- Minimum 5-7 years of IT systems engineering experience in an MSP or multi-tenant environment
- Minimum 4 years of IT Security engineering, Cyber Security Architecture, or compliance infrastructure roles
- Proven experience handling security incidents and compromises in production environments
- Technical credibility in a security engineering role with demonstrated impact within multiple domains: Zero Trust/Conditional Access approaches, Endpoint Security, Data Protection, Mobile, Cloud Security
- Strong organizational, research, analytical and problem-solving skills to evaluate situations, make recommendations, and take effective action
- Ability to articulate complex technical concepts or scenarios to both technical and non-technical audiences
- Able to define, communicate, and present executive-level proposals of the risk-based business impact approach to cybersecurity
- Expert knowledge of security principles, solutions, tools, methodologies, and techniques
- Strong ability to partner with operations stakeholders
- Experience establishing platform governance, compliance standards, and security controls
- Expert knowledge of Networking and Firewalls, particularly with Cisco Meraki
- Expert knowledge in Microsoft 365, Azure AD, Exchange Online, Teams, and Microsoft Endpoint Manager (Intune)
- Strong experience with MFA implementation and Conditional Access policies
- Experience with security tools including email protection (e.g., Inky), EDR solutions (e.g., Crowdstrike)
- Proficiency with observability tools (Prometheus, Grafana, OpenTelemetry, Datadog)
- Knowledge in Infrastructure as Code (IaC) tools, such as Terraform, Puppet, Ansible
- Proficiency in Microsoft Server environments
- Proven experience in secure software development principles in various languages (Java, Go, JavaScript, Python, etc.)
- Experience conducting After Action Reviews (AARs) and Root Cause Analyses (RCAs)
- Customer-facing experience with ability to lead security assessments and discussions with executive stakeholders.
Benefits
- Health insurance
- 401(k) retirement plan
- Unlimited Paid Time Off (PTO)
- Fitness & Wellness Program
- Cell Phone Plan
- Student Debt Relief
- Child Care Expense Relief
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Director of Control Assurance leading IT risk management and controls testing at RBC. Propelling technology, risk, and security advancements across the organization.
OT Security Architect at Orange Cyberdefense providing security solutions for operational technology environments. Leading efforts in OT/ICS security and ensuring stable production for clients.
Physical Security Technology Manager overseeing design and implementation of security technologies across global offices. Collaborates with teams to ensure compliance and optimize security solutions.
Security Consultant for NTT DATA tackling client cybersecurity challenges through assessments and customized solutions. Responsible for implementing security measures and managing risk effectively.
Design and manage cybersecurity strategies protecting critical information assets for a retail company. Oversee compliance and lead information security initiatives in Mexico City and Culiacán.
Technical Capture Manager at Hadean responsible for delivering defence technology proposals. Translating technology capabilities into solutions for military and defence organisations.
Senior Product Manager driving cloud security strategy and development at ESET. Overseeing product lifecycle and collaborating with engineering teams to deliver innovative solutions.
Senior Product Manager leading the strategy and development of ESET's Identity Security portfolio. Driving innovation across identity protection areas such as ITDR and risk - adaptive authentication.
Cybersecurity Engineer at Capgemini responsible for designing secure network architectures. Leading incident responses and collaborating on security projects to enhance infrastructure safety and efficiency.