Cybersecurity Engineer

Posted Yesterday
Hiring Remotely in Louisville, KY, USA
In-Office or Remote
115K-130K Annually
Mid level
Financial Services
The Role
The Cybersecurity Engineer is responsible for managing security tools, vulnerability management, incident response, compliance, and security awareness training within a regulated financial services environment.
Summary Generated by Built In

We are seeking a Cybersecurity Engineer with 3-5 years of hands-on experience to join our growing cybersecurity team. In this role, you will be responsible for the day-to-day engineering, administration, and optimization of our security tools and infrastructure. You will work closely with the Cybersecurity Manager and the broader IT team to implement, monitor, and improve the security controls that protect our Microsoft Azure / M365 cloud environment, endpoints, and data.
 

This is a hands-on technical role with meaningful exposure to compliance frameworks, incident response, and vendor management - making it an excellent opportunity for someone who wants to grow their career across the full breadth of cybersecurity in a regulated financial services environment.

Primary Responsibilities:
 

Security Engineering & Operations

  • Deploy, configure, tune, and maintain enterprise security tools including EDR, SIEM, email security, DNS filtering, and endpoint management platforms.

  • Monitor security alerts and events across the environment, performing triage, investigation, and escalation of potential incidents.

  • Manage and optimize detection rules, alerting thresholds, and automated response workflows within SIEM and EDR platforms.

  • Support the administration and enforcement of Conditional Access Policies, application control policies (AppLocker), and identity and access management configurations within Microsoft Entra ID (Azure AD).

  • Assist with the deployment and management of mobile device management (MDM/MAM) policies through Microsoft Intune.

  • Conduct vulnerability assessments and coordinate remediation efforts with IT infrastructure and application teams.

  • Develop and maintain PowerShell or Python scripts to automate routine security tasks, reporting, and data collection.

Vulnerability Management

  • Manage the end-to-end vulnerability management lifecycle - scanning, prioritization, remediation tracking, and validation across servers, endpoints, and cloud resources.

  • Coordinate and execute OS and third-party application patching across the environment, ensuring timely remediation of critical and high-severity vulnerabilities in alignment with established SLAs and maintenance windows.

  • Triage vulnerability scan results and prioritize remediation based on exploitability, asset criticality, and environmental context - not just raw CVSS scores - while developing compensating controls and risk acceptance documentation for vulnerabilities that cannot be immediately patched.

  • Monitor threat intelligence feeds and vendor advisories (Microsoft Patch Tuesday, CISA KEV catalog, vendor-specific bulletins) and track patching compliance metrics to support both proactive risk reduction and SOC 2 audit evidence requirements.
     

Incident Response

  • Participate in incident detection, investigation, containment, and remediation activities.

  • Perform log analysis and forensic investigation across endpoint, network, identity, and cloud environments.

  • Document incidents thoroughly, including root cause analysis, timeline reconstruction, and lessons learned.

  • Coordinate with the managed SOC provider on alert escalation, tuning requests, and incident handoff procedures.

  • Contribute to the development and testing of incident response playbooks and procedures.

Compliance & Governance

  • Support the ongoing maintenance of SOC 2 Type 2 compliance, including evidence collection, control testing, and audit coordination through our compliance automation platform (Drata).

  • Assist with the development, review, and enforcement of cybersecurity policies, standards, and procedures.

  • Contribute to vendor security assessments and due diligence reviews as part of our vendor risk management program.

  • Support Business Continuity Plan (BCP) documentation, tabletop exercises, and testing activities.

  • Help prepare materials and reporting for the Cyber Risk Steering Committee (CRSC) and other governance bodies.
     

Security Awareness & Collaboration

  • Support the development and delivery of security awareness training and phishing simulation campaigns.

  • Serve as a knowledgeable security resource for IT colleagues and the broader organization, translating technical concepts into clear, actionable guidance.

  • Collaborate with cross-functional teams including IT infrastructure, compliance, and risk management to integrate security into business processes.

Required Credentials:

  • 5 - 7 years of hands-on experience in cybersecurity engineering, security operations, or a closely related technical security role.

  • Strong working knowledge of Microsoft Azure and M365 security capabilities, including Entra ID (Azure AD), Conditional Access, Defender suite, and Purview.

  • Experience deploying, managing, and tuning EDR platforms (e.g., SentinelOne, CrowdStrike, Microsoft Defender for Endpoint).

  • Experience with SIEM platforms - log ingestion, correlation rule development, alert tuning, and dashboard creation (e.g., FortiSIEM, Sentinel, Splunk, or comparable).

  • Demonstrated experience managing enterprise patching programs across Windows endpoints and servers, with familiarity in patch management tooling (e.g., WSUS, Intune, SCCM/MECM, or third-party solutions).

  • Hands-on experience with vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7) including scan configuration, result analysis, and remediation workflow management.

  • Ability to assess and prioritize vulnerabilities using contextual risk factors beyond raw CVSS scores, including asset exposure, exploit availability, and business impact.

  • Solid understanding of identity and access management concepts including MFA, SSO, RBAC, and privileged access management.

  • Familiarity with endpoint management tools such as Microsoft Intune and application control technologies like AppLocker.

  • Experience with vulnerability management tools and processes (e.g., Tenable, Qualys, Rapid7).

  • Working knowledge of common security frameworks and standards (NIST CSF, CIS Controls, MITRE ATT&CK).

  • Competency in scripting for automation and reporting (PowerShell preferred; Python a plus).

  • Strong analytical and problem-solving skills with the ability to investigate complex security events across multiple data sources.

  • Excellent written and verbal communication skills - able to clearly explain technical security topics to both technical and non-technical audiences.

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field - or equivalent practical experience.

Preferred Qualifications:

  • Experience working in financial services, wealth management, or another regulated industry.

  • Hands-on experience supporting SOC 2 audits, including evidence collection and control validation.

  • Experience with compliance automation platforms (e.g., Drata, Vanta).

  • Familiarity with vendor risk management processes and third-party security assessments.

  • Experience coordinating with managed security service providers (MSSPs) or managed SOC teams.

  • Exposure to DNS filtering solutions (e.g., DNSFilter, Cisco Umbrella).

  • Familiarity with business continuity and disaster recovery planning.

  • Understanding of SEC, FINRA, or other financial services regulatory requirements as they relate to cybersecurity.
     

One or more industry certifications such as:

  • CompTIA Security+, CySA+, or CASP+

  • Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) or Security Operations Analyst (SC-200)

  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)

  • Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400)

  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)

  • GIAC certifications (GSEC, GCIH, GCIA)

  • Certified Information Systems Security Professional (CISSP) - Associate level acceptable

  • Certified in Risk and Information Systems Control (CRISC)


Compensation:

$115,000 - $130,000

Why Cerity Partners:

Our people drive our success by working together to deliver exceptional service to our clients. Below is a glimpse of the key elements of our total rewards package:

  • Health, dental, and vision insurance – day 1!

  • 401(k) savings and investment plan options with 4% match

  • Flexible PTO policy

  • Parental Leave

  • Financial assistance for advanced education and professional designations

  • Opportunity to give back time to local communities

  • Commuter benefits

Cerity Partners is committed to providing an environment where all individuals can be their authentic selves. We are an Equal Opportunity Employer who respects each individual and supports the diverse cultures, perspectives, and experiences of our colleagues. We are dedicated to building an inclusive and diverse workforce and will not discriminate based on race, religion, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law. 

Cerity Partners is committed to working with and providing accommodations to applicants with disabilities or special needs. For those needing accommodations, please reach out to [email protected]. Applicants must be authorized to work for any employer in the U.S.

Top Skills

AppLocker
EDR
Microsoft 365
Azure
Microsoft Intune
PowerShell
Python
SIEM
Vulnerability Management Tools

The Company
HQ: New York, NY
879 Employees

What We Do

Our mission is to positively impact the financial well-being of our clients by delivering objective financial advice. We serve high-net-worth individuals and their families, businesses and their employees, and nonprofit organizations. Our advice, comprehensive oversight and fiduciary duties extend well beyond investments. We bring together all the experts necessary to address the various facets of a client’s financial life, including attorneys, tax advisors, financial planners and investment professionals. This approach to advice and service along with our private partnership business model have made us one of the premier investment advisers in the country, and a desired home for talented and passionate financial advisors who seek to serve clients the proper way. https://ceritypartners.com/award-disclosures Cerity Partners LLC reserves the right, to the extent permitted under applicable law, to retain and monitor all electronic communications. Cerity Partners LLC is not responsible for content posted by third-parties, and does not accept any endorsement, recommendation, or like statement made by third-parties. Third-party content shared, liked, or commented on by Cerity Partners LLC should not be construed as a recommendation of any kind, and is deemed reliable but not guaranteed as to its value, accuracy, or suitability with respect to any person. Statements and messages are subject to the following terms: https://ceritypartners.com/terms-and-conditions/.
