Sr. Corporate Security Engineer

CentralReach is a leading provider of autism and IDD care software for Applied Behavior Analysis (ABA). They are seeking a Senior Corporate Security Engineer to strengthen the security posture of their internal IT environment and manage third-party risk, ensuring compliance with high security standards across the enterprise.

Responsibilities:

• Lead the hardening and continuous improvement of corporate IT systems, endpoints, and third-party SaaS applications
• Implement and maintain security controls for identity, endpoint, and network protection within corporate environments (e.g., SSO, MDM, email security, DLP)
• Conduct in-depth vendor security assessments, including technical and process evaluations of third-party products and services
• In partnership with the compliance, BizOps, and IT teams, manage and mature the third-party risk management (TPRM) program — from onboarding assessments to continuous monitoring and remediation tracking
• Collaborate with IT, procurement, legal, and compliance teams to ensure consistent enforcement of vendor security requirements
• Develop and maintain security baselines, configurations, and policies for corporate technologies
• Support internal audits, compliance reviews, and security awareness initiatives

Requirements:

• Strong understanding of endpoint, identity, and SaaS security best practices
• Experience with third-party risk management processes and conducting in-depth vendor security reviews
• Familiarity with corporate IT platforms (e.g., M365, Intune, Kandji, CrowdStrike, ZScaler, Proofpoint, etc.)
• Ability to assess cloud/SaaS vendors against frameworks such as SOC 2, HIPAA, ISO 27001, and CIS
• Excellent communication and collaboration skills — comfortable working across technical and business teams