Job Description
Are you ready to step out of the reactive world of SOC operations and MSP services into a role where you can play a key role in the continued buildout of a security program? We're seeking a Senior Information Security Engineer to serve as the primary technical security resource for our client's evolving technology group, working in partnership with the Senior Information Security Administrator to create a comprehensive security framework.
Candidates local to Buffalo, NY work in the office 2 days/week. Open to a remote work arrangement for non-local candidates.
The Opportunity
This is your chance to transition from monitoring alerts to architecting solutions. You'll be the technical cornerstone of our security initiatives, with 80-90% of your time focused on proactive security measures rather than firefighting. While you'll handle the occasional incident (typically one documented case per week), your primary mission is building automated defenses and establishing robust security infrastructure that scales with our client's growth as they continue to migrate to Azure.
Security Architecture & Implementation
The Sr. Information Security Engineer will:
- Design and deploy comprehensive security solutions across a Microsoft-centric cloud environment
- Leverage Microsoft Sentinel SIEM capabilities to enhance threat detection and response
- Strengthen firewall configurations and application vulnerability management programs
Microsoft Security Ecosystem Mastery
- Optimize Microsoft Defender suite deployment (Endpoint, Office 365, Identity, Cloud Apps)
- Enhance Microsoft Purview DLP configurations to prevent data exfiltration and ensure compliance
- Automate security workflows using PowerShell and Microsoft security APIs
- Manage Exchange Online security in the M365 environment
Incident Response & Threat Management
- Lead incident response efforts when security events occur
- Develop and refine incident documentation and response procedures
- Address common security challenges including compromised email accounts and user security awareness gaps
- Create automated responses to routine security issues
Compliance & Risk Management
- Support initiatives toward SOX compliance readiness
- Ensure HIPAA compliance for sensitive data handling
- Collaborate with business teams to implement proper data protection protocols
- Perform regular security assessments and vulnerability management
Your Background
Essential Experience:
- 5+ years in hands-on information security engineering, ideally from SOC or Security MSP environments
- Strong incident response experience with documented case management
- Expertise with Microsoft 365 security stack and cloud security principles
- Advanced PowerShell scripting capabilities
- Experience with SIEM platforms and security automation
Technical Proficiencies:
- Microsoft Defender ecosystem (all modules)
- Microsoft Purview DLP implementation and management
- Azure AD, Conditional Access, and identity management
- Windows Server, Active Directory, and hybrid environments
- Security frameworks (NIST, CIS, ISO 27001)
Why This Role is Different
- Ownership: Be THE security expert, not just another analyst
- Growth: Build programs rather than maintain existing ones
- Support: Management recognizes security as a top priority with budget backing
- Collaboration: Work directly with senior leadership and cross-functional teams
- Impact: See your security implementations directly protect the organization