Senior Security Engineer (MSP or MSSP) - Remote (USA)

About us: At Echelon Risk + Cyber, we believe in defending basic human rights to security and privacy. We seek a highly skilled and experienced Senior Security Engineer to join our dynamic team at Echelon Risk + Cyber, a leading cybersecurity consulting firm. Our next team member will be ready to roll up their sleeves and identify opportunities for our clients and for Echelon internally with unquestioned integrity. This team member will be passionate about cybersecurity and ready to use their knowledge to be an Entrepreneurial Problem Solver and work alongside their Echelon team members to build creative solutions. At Echelon, we believe learning never stops. You will have the opportunity to engage with systems that are at the cutting edge of technology and team members that will challenge you with meaningful work. We allow our team members to build from the ground up and make an impact across the organization. What You Will Do:

• Implement and enforce security policies and procedures based on industry standards
• Conduct regular security assessments, audits, and ensure compliance with security standards
• Design and implement secure cloud solutions (Azure and AWS)
• Utilize Cloud Security Posture Management (CSPM) technologies
• Ensure the security of SaaS platforms, including email, file sharing, and 3rd party applications
• Configure and manage security controls for servers and endpoints, including deploying and managing endpoint protection solutions
• Implement security policies for Mobile Device Management (MDM)
• Conduct regular vulnerability scans and automated penetration tests utilizing in-house tools and develop remediation plans for identified vulnerabilities
• Implement and manage IAM solutions, including single sign-on (SSO) and privileged access management (PAM)
• Ensure proper user provisioning and access controls
• Lead technical implementations of data protection services, including Data Loss Prevention (DLP) solutions
• Participate in the development and maintenance of disaster recovery plans and procedures
• Review and ensure backups, redundancy, and replication solutions meet availability and recovery best practices, including performing regular recovery tests
• Conduct security reviews, assessments, and hardening activities across key systems from endpoints, servers, network infrastructure, and Cloud services
• Apply and enforce security configuration benchmarks (e.g., CIS, NIST)
• Ensure compliance with regulatory requirements and industry standards
• Implement and manage security information and event management (SIEM) systems
• Deploy and maintain managed detection and response (MDR), intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Configure and manage network security policies across perimeter and internal network equipment, including firewalls and wireless access points
• Participate in incident response planning and tabletop exercises, and develop incident response plans and playbooks
• Assist with the implementation and configuration of security awareness training programs and solutions
• Work closely with clients to understand their security needs and provide tailored solutions
• Collaborate with cross-functional teams to ensure security is integrated into all aspects of IT infrastructure, and develop technical security standards and operational procedures Your knowledge, skills, and abilities:
• Bachelor's degree in Computer Science, Information Security, or related field
• Relevant certifications: CCSP, CISSP, CEH, CISM, etc.
• Experience working in managed IT or Security services (MSP or MSSP), handling numerous clients and environments simultaneously
• Strong understanding of security technologies and frameworks
• Excellent problem-solving and analytical skills
• Strong communication and interpersonal skills
• Applicants must have authorization to work in the United States without current or future visa sponsorship. Preferred Qualifications:
• Familiarity with regulatory requirements such as FFIEC, SOC 2, ISO 27001, GDPR, CMMC, HIPAA, PCI-DSS, etc
• Familiarity with popular security frameworks such as CIS, NIST, ISO, SOC2
• Experience with enterprise security technologies (firewalls such as Palo Alto and FortiGate, endpoint security tools such as CrowdStrike, SentinelOne, and FortiEDR)
• Experience working in or with a Security Operations Center (SOC)
• Experience participating in Security Assessments and Audit efforts
• Familiarity with DevSecOps practices and tools
• Ability to be agile and juggle multiple clients, initiatives, and priorities effectively
• Skilled in gathering, assessing, and presenting technical security metrics and trends Why Echelon? We are committed to creating an inclusive environment for our team with unquestioned integrity. If you have a special need that requires accommodation, please let your recruiter know. One of our core values is "People with Personality," and we want to allow you the space to bring your full self t

Apply tot his job Apply To this Job