Senior Cybersecurity Engineer (Information Technology)

Senior Cyber Engineer
Franklin, TN (CoolSprings remote)

JOB SUMMARY:
At D4C Dental Brands, our mission is to help children achieve a lifetime of great oral healthand cybersecurity plays a vital role in protecting the systems that support that care. The Senior Cybersecurity Engineer plays a pivotal role in safeguarding our organization's information assets. This role focuses on designing, implementing and managing security solutions for all of D4Cs infrastructure across servers, network and cloud, building and managing IAM solutions for user identities and access rights, evaluating leading edge technologies, responding to cyber threats and incidents, and participating in vulnerability remediation. The Senior Cybersecurity Engineer works within our Cybersecurity team in IT and collaborates with various teams to protect against cyber threats. This role requires a strong analytical mindset, technical aptitude, and a commitment to continuous learning in the ever-evolving cybersecurity landscape. This support is crucial to the delivery of the companys mission of helping children achieve a lifetime of great oral health.

EDUCATION/CREDENTIALS:
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field preferred.Relevant security certifications: CISSP, CISM, CompTIA Security+, GIAC certifications (GSEC, GCIA), Microsoft Security, or equivalent, required.

JOB RELATED EXPERIENCE:

5+ years of experience in security engineering, security operations, or a related role with a focus on managing the Microsoft E5 security stack and other advanced security technologies.

JOB-RELATED SKILLS/COMPETENCIES:
In-depth knowledge of the Microsoft E5 security stack, including the Defender suite, InTune, and Purview.Advanced understanding of network security, operating systems security (Windows, MacOS. Linux), cloud security (particularly Azure), and common attack techniques.Extensive experience in implementing and managing security tools across servers, cloud infrastructure, endpoints, network appliances and identities.Robust analytical and problem-solving skills.Extensive experience in technical risk assessment, remediation and mitigation..Extensive experience in incident response, especially as it relates to an understanding of common attack techniques that D4C can use to inform its response tactics.Advanced scripting or programming skills (Python, PowerShell) preferred.

WORKING CONDITIONS/PHYSICAL DEMANDS:

Office Environment/Remote

MAJOR DUTIES AND RESPONSIBILITIES:
Infrastructure Security Engineering: Design, implement, and manage security measures to protect the organization's infrastructure, including servers, networks (firewalls, VPNs, IPS), and cloud environments (particularly Azure). Collaborate with the Modern Infrastructure team to ensure secure configurations and practices.Identity & Access Management (IAM): Implement and maintain IAM solutions, including Azure Active Directory (AAD), Multi-Factor Authentication (MFA), Conditional Access policies, and Privileged Identity Management (PIM). Manage user identities and access rights across the organization using tools such as Microsoft Identity Manager (MIM) and Azure AD Connect. Integrate IAM solutions with other security tools and systems to enhance overall security posture.Microsoft E5 Security Stack Management: Collaborate with other D4C Security Engineers to implement, configure and manage the Microsoft E5 security suite, including Defender for Cloud Apps, Defender for Identity/Entra Identity Protection, Defender for Office 365, Defender for Endpoint, InTune, and Purview. Ensure the integration and effectiveness of these tools in the overall security posture.Vulnerability Management: Collaborate with the D4C Cybersecurity team and Modern infrastructure team to apply remediations and implement proactive threat mitigation strategies based on our regular vulnerability scans across all systems, applications, devices, and networks.Technical Risk Assessment: Perform risk assessments and consume risk assessments from outside parties to identify potential threats and vulnerabilities within the organization's technology infrastructure. Develop and implement risk mitigation plans, configurations, and mitigating controls to reduce the organization's exposure to cybersecurity threats. Collaborate with stakeholders to ensure risk remediation plans are understood and implemented appropriately.Leading Edge Technology Evaluation: Stay abreast of the latest advancements in cybersecurity technology and best practices. Lead the security team in evaluating and recommending new security technologies and solutions that integrate well with our stack and enhance the organization's cybersecurity posture. Lead proof-of-concept initiatives to assess the feasibility and effectiveness of emerging security technologies. Lead the implementation efforts of selected technologies.Incident Response and Investigation: Participate in security event and incident response activities by collaborating with our managed SOC provider and members of the D4C Cybersecurity team to investigate and resolve escalated alerts. Bring a keen understanding of attack techniques commonly used to help inform our response tactics and techniques. Participate in threat briefings to fortify our network and assets. Assist in maintaining our IR plan and help facilitate IR exercises.Threat Intelligence: Consume threat intelligence reports and industry news sources to stay constantly informed about emerging threats, vulnerabilities, and attack techniques. Apply this knowledge to improve detection capabilities specifically tailored to your thorough knowledge of the D4C IT environment, assets and security technologies.Governance, Risk and Compliance: As needed, collaborate with the Information Protection team to research relevant cybersecurity regulations and frameworks to drive requirements for the security program, respond to external audits, develop and implement remediations for issues/findings, and assist in developing policies and procedures relevant to your domains of expertise.

BENEFITS:
Paid Time OffPaid HolidaysMedical, Dental and Vision benefitsHealth Savings Account, Flex Spending401KShort and Long Term Disability InsuranceLife Insurance