Senior Security Engineer
About the job
We are looking for a Senior Security Engineer with demonstrated expertise across enterprise security engineering, Microsoft Azure and on-premises infrastructure protection, incident response, and compliance frameworks including ISO 27001:2022 and CMMC. This role requires hands-on technical execution alongside architectural oversight — you will design and operate security controls, drive threat detection capabilities, and own compliance program delivery end-to-end. Security operations must align with NATO cybersecurity standards and requirements.
Key Responsibilities
Security Engineering & Architecture
Design and operationalize enterprise security controls spanning network, endpoint, cloud, and application layers. Lead security architecture reviews for new systems and infrastructure. Implement Zero Trust architectures, network segmentation, IAM, MFA, and least-privilege access models across Microsoft Azure and on-premises/local resource environments. Ensure security configurations align with NATO security standards and requirements.
Threat Detection & Incident Response
Develop and tune SIEM detection logic, correlation rules, and alerting pipelines. Lead investigation and containment of security incidents including phishing, malware, unauthorized access, and data exfiltration. Own post-incident reviews, root cause analysis, and remediation tracking. Perform digital forensics as required.
Vulnerability Management
Operate vulnerability scanning programs using tools such as Nessus, Qualys, or Tenable. Conduct risk assessments, prioritize findings by exploitability and business impact, and drive remediation with IT and DevOps teams. Track patching cadence and configuration hardening progress.
DevSecOps & Automation
Integrate security controls into CI/CD pipelines. Develop automation using Python, Bash, PowerShell, or Terraform for security operations, alerting, and remediation workflows. Implement secrets management, SAST/DAST scanning, and container security controls.
CMMC & ISO 27001:2022 Compliance
Lead implementation and operational alignment with ISO 27001:2022, including Annex A control mapping, ISMS policy and procedure ownership, internal and external audit coordination, and management reviews. Support CMMC assessment readiness, including control gap analysis, evidence collection, corrective action tracking, and continuous improvement activities. Ensure ongoing compliance with applicable regulatory, contractual, NATO, and customer cybersecurity requirements.
Technical Leadership
Mentor junior engineers and analysts. Provide technical leadership across security projects and incident response efforts. Collaborate cross-functionally with Engineering, IT, Product, and Leadership on security-by-design initiatives. Work closely with IT and external consultants to achieve security targets and program objectives.
Required Qualifications
5+ years in cybersecurity engineering or security operations roles
Strong proficiency in network security fundamentals: firewalls, IDS/IPS, VPN, DNS, TCP/IP
Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel, QRadar, or Elastic)
Deep knowledge of Windows, Linux, Active Directory, Microsoft Azure, and local on-premises infrastructure security
Practical experience with vulnerability management tools (Nessus, Qualys, or Tenable)
Demonstrated experience implementing or auditing ISO 27001 ISMS frameworks
Working knowledge of CMMC or equivalent cybersecurity maturity frameworks
Familiarity with NATO cybersecurity standards and information security requirements
Scripting proficiency in Python, PowerShell, or Bash
Experience with IAM, MFA, SSO, and RBAC implementations
Strong analytical reasoning and documented written communication skills
THEON International
Κορωπί
On Site
Information Technology
Permanent
Full Time