Senior Cyber Security Engineer

Job Title: Senior Cyber Security Engineer – Endpoint, DLP & Identity Security Duration of Assignment: 3-6 months Working Hours: 9:00-5:00 EST/MST Location: Remote Airitos is seeking a Senior Cyber Security Engineer to support and advance our endpoint security, data protection, and identity-related security operations. This role is heavily focused on endpoint protection, DLP engineering, SOC collaboration, incident response, and the overall hardening of enterprise systems. You will also support identity security functions and controls where they intersect with endpoint and data protection. The ideal candidate brings hands-on engineering experience, strong analytical instincts, and the ability to lead initiatives across a global environment. This role requires navigating complex security challenges, improving control maturity, and working closely with cross-functional teams to drive measurable security outcomes. Professional Responsibilities: The Senior Cyber Security Engineer will play a key role in strengthening endpoint protection, data loss prevention, cloud access controls, and incident response capabilities across a highly regulated financial environment. This position blends hands-on engineering, project ownership, and mentoring responsibilities, serving as both a technical escalation point and a contributor to long-term program maturity. Leadership, Strategy & Program Development • Work closely with leadership to implement and execute cybersecurity strategies aligned with organizational goals and regulatory requirements. • Provide guidance to junior engineers and analysts, assisting with training, knowledge sharing, and overall team development. • Oversee program roadmaps, maturity efforts, and in-scope security initiatives. • Maintain an active understanding of emerging threats, tools, and industry best practices, bringing forward recommendations for continuous improvement. • Assist in developing, updating, and enforcing security policies, standards, and procedures. Endpoint Security Engineering • Administer and optimize Microsoft Defender XDR, including alert tuning, policy refinement, agent health, and vulnerability visibility. • Manage and monitor endpoint security controls across Windows, Linux, and macOS environments. • Troubleshoot endpoint outages, configuration failures, agent issues, and platform-level disruptions. • Support OS hardening initiatives, baseline configurations, and endpoint compliance requirements. Data Loss Prevention (DLP) • Administer and engineer endpoint, network, and email DLP controls. • Review and remediate block events, tune policies, and make rule adjustments to improve detection fidelity. • Support investigations involving data exfiltration attempts or misuse. • Maintain operational documentation and escalation playbooks for DLP processes. Cloud Access Security Broker (CASB) & Email Security • Review and address CASB alerts and requests, applying proper validation and remediation steps. • Perform triage and remediation of email security incidents and support policy refinements. • Support integrations between email security, CASB, endpoint tools, and SIEM/SOAR systems. Incident Response & SOC Collaboration • Partner with the SOC to analyze, triage, and respond to alerts from Defender XDR, DLP platforms, CASB, and email security systems. • Lead investigations into endpoint threats, suspicious behaviors, and data security incidents. • Participate in tabletop exercises, IR process reviews, and readiness assessments. • Develop and maintain escalation procedures, playbooks, and knowledge articles. Cross-Functional Collaboration • Work directly with business units, IT teams, and risk/compliance partners to support enterprise-wide security initiatives. • Communicate security risks, gaps, and metrics to leadership, including improvement recommendations. Tooling & Security Awareness • Maintain familiarity with broader security tooling (e.g., Workday, Dayforce, KnowBe4, Cybsafe). • Assist with security awareness and policy adoption efforts when needed. • Cross-train with adjacent security functions to maintain operational versatility. Professional Skills: • Strong proficiency with the Microsoft Security Tool Suite, including Defender XDR and related cloud and endpoint technologies. • Hands-on scripting experience with Python and PowerShell, especially for automation, APIs, and metric collection. • Solid understanding of APIs, microservices, web application frameworks, and cloud platforms (AWS, Azure, GCP). • Strong knowledge of threat landscapes, detection techniques, and investigation methodologies. • Experience with SIEM/SOAR platforms and security event triage. • Familiarity with CASB solutions, DLP engineering, and email security platforms. • Experience working in highly regulated environments; financial industry exposure is preferred. • Strong communication abilities with meticulous attention to detail. • High level of initiative, situational awareness, and a “white hat” security mindset. • Ability to work independently, manage multiple priorities, and perform effectively under pressure. Education & Certifications: • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field (or equivalent experience). • 6+ years of experience in risk management, security engineering, security awareness, or related functions. • Relevant certifications preferred, including CISSP, CISM, SANS certifications, or equivalent advanced credentials. Work Environment: • Standard working hours: 9:00 AM – 5:00 PM EST or MST depending on team alignment. • May require occasional travel to company, partner, or vendor locations. • Must uphold confidentiality, privacy standards, and all client security requirements. This position requires heightened security awareness to safeguard the client’s confidential data, including customer non-public personal information. The role includes exposure to all categories of sensitive information and requires strict adherence to all internal controls, policies, regulations, and compliance obligations. Employees must immediately report any operational issues, policy violations, or suspected noncompliance. Apply tot his job