Security Engineer/Sr. Security Engineer

Job Description

Job Summary:

The Senior Security Engineer designs and implements strategies to protect internal networks and cloud environments from unauthorized access. This role ensures secure architecture, identifies vulnerabilities, and mitigates risks in collaboration with security teams. A key focus is Microsoft 365 & Cloud Security, supporting policy development, compliance, and enterprise projects within Markel’s Global Security Services (GSS) division.

Responsibilities:

• Secure configuration of cloud-based collaboration and productivity tools.
• Oversee cloud environment changes and software deployments for security compliance.
• Apply corporate security frameworks to cloud application design and implementation.
• Develop and maintain cloud security architecture to meet compliance standards.
• Monitor and report on cloud security metrics for business insights.
• Ensure secure authentication, authorization, and encryption (API integrations, MFA, zero trust).
• Secure mobile technology solutions and access controls.
• Develop test environments for security solutions and automation scripts.
• Provide operational support for security tools (vulnerability management, SIEM, EDR).
• Participate in incident response, firewall changes, risk reviews, and policy updates.
• Stay updated on cyber threats, security policies, and emerging technologies.
• Mentor junior team members and effectively communicate security solutions to diverse audiences.
• Maintain security documentation, compliance controls (NY State, PCI, GDPR, NIST), and best practices.

Qualifications:

• Education: Bachelor's in Computer Science, Cybersecurity, or related field (or equivalent experience).
• Certifications: CISSP, CCSP, CCSK, Security preferred.
• 5 years in cybersecurity, with 3 years focusing on Azure security and O365 protection.
• Strong understanding of cloud security (IaaS, PaaS, SaaS), SASE solutions, and DevOps tools (Terraform, Kubernetes, Azure AD).
• Experience with security frameworks (NIST, COBIT, ISO) and forensic methodologies.
• Proficiency in PowerShell, Python, and automation scripting.
• Familiarity with network security tools (firewalls, intrusion prevention, SIEM, IAM, encryption).
• Strong problem-solving, documentation, and communication skills.