The Senior Cybersecurity Engineer is responsible for establishing and operating cybersecurity controls across a fragmented technology environment spanning cloud infrastructure, enterprise applications, endpoint platforms, and customer-facing systems.
This role will operate independently to identify, prioritize, and resolve the most critical security risks. Initial efforts will prioritize identity and access control, including the development of role-based access models, and targeted vulnerability reduction. Additional areas, including data protection and tooling optimization, will be expanded over time.
This is a hands-on role focused on execution and risk reduction. The role is expected to prioritize and sequence work across identity, vulnerability management, incident response, and security tooling, focusing first on the highest-risk areas and expanding coverage over time rather than attempting to implement a fully mature security program immediately.
Job Category: Salaried /Exempt
Department: Marketing
Reports To: SVP of Marketing
Hours: 8:00am – 5:00pm, additional hours as needed.
Job Family: Marketing/Trade Show Events
Job Level: Sr Management I
Operational Prioritization and Risk Ownership
• Assess security risks across cloud, endpoint, network, and enterprise application environments.
• Identify and prioritize the most critical risks, including access sprawl, cloud exposure, and unremediated vulnerabilities.
• Focus efforts on high-impact risk reduction in prioritized areas of the environment.
Identity and Access Control
• Establish and enforce access request and approval processes across systems
• Define and implement practical access control standards across:
  o Azure/Entra ID
  o Enterprise business systems and applications
• Develop and implement role-based access control (RBAC) models, beginning with core business roles and extending across systems.
• Reduce over-permissioning and address fragmented access models
• Implement controls for contractor and vendor access
• Conduct access reviews and ensure remediation is completed
Vulnerability Management and Remediation
• Review and prioritize vulnerabilities identified across cloud, endpoint, and infrastructure environments
• Identify vulnerabilities that represent real business risk and focus remediation accordingly
• Drive remediation across Infrastructure, Enterprise Applications, and Engineering teams
• Execute remediation directly where ownership is unclear or action is delayed
• Establish practical tracking and accountability for vulnerability remediation
Incident Response and Security Operations
• Act as the primary internal owner for security incidents and alerts
• Coordinate with external security monitoring and response providers and internal logging platforms
• Define and enforce severity levels and escalation paths
• Lead response to high-severity incidents and execute containment actions as needed
• Ensure incidents are actively managed and resolved across teams
Security Tooling Ownership and Optimization
• Own the effectiveness of security tooling across endpoint, cloud, network, and monitoring domains
• Improve configuration and effectiveness of existing tools in priority areas
• Identify gaps, overlaps, and opportunities for rationalization across the security stack
• Ensure tooling is aligned to risk reduction and not solely reporting
Data Protection and Information Governance
• Support the phased implementation of data protection capabilities, including data loss prevention and data classification
• Contribute to the development and refinement of policies and controls for sensitive data handling
• Assist in establishing processes for alert triage, escalation, and exception handling related to data protection controls
• Support investigations and information discovery activities as needed
• Collaborate with stakeholders to promote appropriate data handling practices and reduce risk over time
Cross-Functional Execution and Security Input
• Work across Infrastructure, Enterprise Applications, and Engineering teams to resolve security risks and vulnerabilities
• Drive accountability for remediation and control adherence without relying on formal authority
• Enforce security standards and remediation expectations across teams with executive backing
• Provide practical security input into system design, integrations, and platform changes across cloud and customer-facing systems
• Step in to resolve issues that lack clear ownership or stall across teams
Education and Formal Training:
· Bachelor’s degree in Information Security, Information Technology, Computer Science, or a related field preferred
· Relevant certifications such as Security+, CISSP, Azure Security Engineer, or similar are a plus but not required
Experience:
· 5–8 years of hands-on cybersecurity experience across multiple domains such as identity and access, endpoint security, cloud security, or security operations
· Experience operating in mid-maturity or fragmented environments with mixed security tooling and unclear ownership
· Experience with Microsoft security and identity platforms, including Azure / Entra ID
· Experience with endpoint security and cloud security tools
· Familiarity with SIEM, logging, and managed detection and response (MDR) environments
· Working knowledge of network security concepts and controls
· Preferred experience supporting enterprise business systems and customer-facing platforms
· Preferred exposure to data protection capabilities such as DLP, classification, or information governance
· Preferred experience supporting environments with mixed device management and third-party service providers
We offer a 100% employer-paid medical plan. Other optional benefit programs are available to our employees and their families, which include: 401(k) match, additional medical plans, dental, vision, flex spending account, short-term and long-term disability, and life insurance coverage.