Senior Cybersecurity Engineer
Arlington, Texas, United States of America
Full Time
2 weeks ago
No Visa Sponsorship
Key skills
AzureCloudCyber SecurityPowerShellEntra IDCommunicationCloud Security
About this role
Role Overview
- Lead Azure and Microsoft 365 security investigations, including identity compromise, privilege escalation, persistence, data exfiltration, and abuse of cloud services
- Act as the senior escalation point for complex cloud investigations, providing investigative direction and response strategy
- Perform investigations using Azure Activity Logs, Entra ID logs, Microsoft 365 Unified Audit Log, Defender telemetry, and related forensic artifacts
- Develop and standardize cloud‑specific incident response playbooks to improve consistency and efficiency
- Stay current with evolving attack techniques and security technologies to design, build, and continuously refine cloud detections and alerts across Azure and Microsoft 365
- Participate in an on‑call rotation as needed to support timely response to security incidents outside of standard business hours
Requirements
- Extensive hands‑on experience responding to security incidents in Microsoft Azure and/or Microsoft 365
- Strong understanding of Azure tenant and subscription architecture, Entra ID identity models, roles, conditional access, and privilege management
- Deep familiarity with cloud logging, telemetry sources, and forensic artifacts, including what is available, how it is acquired, and how attackers attempt to evade it
- Advanced experience writing and optimizing KQL queries for investigation and threat hunting across Defender data sources
- Ability to use Graph API, PowerShell, and automation to acquire evidence, investigate at scale, and accelerate response actions
- Demonstrate strong familiarity with cloud security platforms such as Microsoft Defender and Wiz
- Strong knowledge of the NIST Incident Response Life Cycle and the MITRE ATT&CK Framework
- Experience translating investigations into repeatable response processes, documentation, and improvement opportunities for detection and prevention.
- Background in cloud security engineering or architecture or prior senior‑level incident response experience with significant cloud exposure.
- Demonstrated ability to communicate across multiple levels of stakeholders
- Ability to document and summarize technical evidence and findings
- Good interpersonal, verbal, and written communication skills across various mediums
- Ability to exercise prudent judgment and offer knowledgeable recommendations
- High School Diploma or equivalent required
- Bachelor’s Degree in related field or equivalent work experience strongly preferred
- 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
- 3-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
- One or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, or CPTS highly preferred
Tech Stack
- Azure
- Cloud
- Cyber Security
Benefits
- Generous benefits package available on day one to include: 401K matching
- bonding leave for new parents (12 weeks, 100% paid)
- tuition assistance
- training
- GM employee auto discount
- community service pay
- nine company holidays