Full Time
$2,000 – $3,500 per month (USD)
40
Jul 10, 2026
OVERVIEW
The number one goal of everyone on our team is to deliver an exceptional service and experience to our clients. The Staff Security Engineer plays a critical role in achieving that by leading the technical security work that keeps our clients protected, and proving that protection every day.
This is the most senior individual-contributor role on the security team. The Staff Security Engineer sets technical direction for detection, response, and hardening, builds and tunes the tooling our SOC relies on, and leads investigations when something serious happens.
We believe identity is the first line of defense, and this role owns much of that thesis in practice: strong detections, fast response, and continuous hardening across identity, endpoint, network, and
Beyond hands-on engineering, this role mentors junior SOC analysts, develops the procedures the team runs on, and supports the compliance and reporting work that demonstrates security value to clients and auditors.
RESPONSIBILITIES & TASKS
DETECTION & SECURITY ENGINEERING
- Build, tune, and maintain detections across the security stack to catch real threats and reduce noise
- Own the configuration and health of SOC tooling spanning EDR, application control, endpoint hardening, identity, and network security
- Develop and maintain detection logic, alerting rules, and automated response actions
- Lead threat hunting across client environments to find what automated detections miss
- Drive continuous hardening across identity (Okta, Beyond Identity, Entra ID), endpoint (CrowdStrike, ThreatLocker, Senteon), and network (Cato Networks, FortiGate, Island Enterprise Browser)
I
- Serve as the senior technical lead during security i
- Lead containment, eradication, and recovery for confirmed compromises
- Conduct root-cause analysis and produce clear post-i
- Translate i
VULNERABILITY & POSTURE MANAGEMENT
- Lead the vulnerability management program: scanning, prioritization, and remediation tracking
- Assess client environments against recognized frameworks (NIST, CIS) and identify gaps
- Leverage GRC tooling (Vanta, Drata) to track posture, manage evidence, and support compliance programs
- Recommend and help implement security improvements that measurably reduce risk
SOC PROCEDURES & DOCUMENTATION
- Develop and maintain SOC runbooks and investigation procedures
- Document detections, response steps, and tooling configuration in the team's documentation systems
- Ensure all investigations and actions are accurately tracked in Pylon
- Build repeatable, teachable processes so the team responds consistently
COMPLIANCE & REPORTING
Support compliance and evidence work using Vanta and Drata (frameworks, attestations, cyber insurance requirements)
Contribute security data and narrative to client reporting and business reviews
Help translate technical security posture into business-level risk language
COMMUNICATION, REPORTING & RISK MANAGEMENT
- Identify and proactively communicate security risks and gaps
- Escalate significant findings and i
- Provide clear updates during active investigations
- Ensure alignment between security work and client risk priorities
TEAMWORK & LEADERSHIP
- Mentor and coach junior SOC analysts on investigation and detection skills
- Set the technical standard for quality and rigor on the security team
- Follow and contribute to Standard Operating Procedures (SOPs)
- Contribute to innovation and continuous improvement initiatives
SKILLS AND ATTRIBUTES
REQUIRED
- Strong hands-on experience in security operations, detection engineering, or i
- Deep identity security experience: Okta, Beyond Identity, Entra ID, Conditional Access, token and session attack patterns
- Hands-on experience with enterprise EDR (CrowdStrike or equivalent) and endpoint investigation
- Experience with application control and endpoint hardening (ThreatLocker, Senteon, or equivalent)
- Working knowledge of SASE/SD-WAN and network security tooling (Cato Networks, FortiGate)
- Multi-platform device management experience (NinjaOne, Addigy, Intune, Apple Business Manager
- Experience with GRC and compliance platforms (Vanta, Drata, or equivalent)
- I
- Vulnerability management and hardening experience
- Working knowledge of frameworks such as NIST CSF and CIS Controls
- Scripting and automation experience (PowerShell preferred)
- Excellent communication skills, including writing clear findings for non-technical audiences
- A deep desire to deliver an exceptional client experience
NICE TO HAVE
- Experience working in a Managed Service Provider (MSP) or MSSP environment
- Hands-on experience with tools in our stack (CrowdStrike Flight Control, ThreatLocker, Senteon, Okta, Beyond Identity, Cato - Networks, Island Enterprise Browser, Vanta, Drata)
- Certifications such as:
- Security (Security+, CySA+, GCIH, GCIA, or equivalent)
- Microsoft security (SC-200, SC-300, AZ-500)
- Identity / IAM (Okta certifications or equivalent)
- CrowdStrike certifications (CCFA, CCFR, or similar)
- Experience contributing to compliance programs or audits
- Experience with, or a strong interest in, working on LLM-based (Large Language Model) projects, including evaluating, implementing, or integrating AI-driven solutions such as automation workflows, data analysis, knowledge retrieval, and conversational systems into business or technical environments.
Note: When reaching out, please include your CV and your DISC assessment. Thanks!