Senior Security Engineer II

Overview

We are looking for a talented and driven Senior Security Engineer II to join our expanding security team. In this role, you will be instrumental in strengthening and maintaining our organization’s security posture while also supporting the security of our products and services. This is a hands-on position that requires a strong grasp of multiple security domains and the ability to thrive in a dynamic, fast-paced environment. You will design, implement, and maintain security infrastructure to protect enterprise systems, networks, and data from cyber threats while ensuring compliance with regulatory standards. Collaboration will be key as you work closely with IT, compliance, and business teams to implement security best practices, monitor risks, and respond promptly to security incidents. This role is primarily responsible for designing, implementing, and managing Microsoft security solutions—including Purview, Entra, and Defender Cloud—to ensure robust data governance, compliance, and risk management across the organization’s data assets. A key focus will be maintaining compliance with HIPAA (Health Insurance Portability and Accountability Act), HITECH (Health Information Technology for Economic and Clinical Health Act), and AICPA requirements. The Security Engineer will play a vital role in safeguarding Protected Health Information (PHI) throughout its lifecycle within Microsoft 365 and Azure environments.

Responsibilities

• Implement and Manage Cloud Security Controls: Apply cloud security best practices across corporate and cloud environments (preferably Microsoft Azure) to monitor, maintain, and continuously improve enterprise security posture.
• Framework Alignment & Compliance: Ensure alignment with industry-standard security frameworks and regulatory requirements (e.g., ISO/IEC 27001, NIST, HIPAA, SOC 2, AICPA Trust Services Criteria).
• Data Governance & Compliance Tools: Design, deploy, and maintain Microsoft Purview features including data cataloging, classification, lineage, and compliance policies.
• Identity and Access Management: Administer and optimize identity management and access control system

This position can sit remotely or at any of our office locations.

Travel Expectations

This role requires minimal travel, less than 10% per year.