Job description

Title: Sr. Security Engineer Location: Columbus, OH Duration: 6+ Months Job Description Security Architecture & Strategy • Design and implement scalable security architectures across cloud, on-prem, and hybrid environments. • Lead strategic initiatives such as Zero Trust adoption, Secure Access Service Edge (SASE), and cloud-native security transformation. • Develop security reference architectures and blueprints aligned with business and regulatory requirements. • Tactical Response Rapid activation to resolve global incidents, codify playbooks, and translate lessons learned into enduring standards. • Network Consulting Conduct assessments, provide reference architectures, and guide decision-making with executive-ready recommendations. • Solution & Planning Define and execute well-structured solution packages (HLD, LLD, BoM, QA, automation models) aligned with the One Management model. Emphasize Infra-as-Code, observability, and governance at every stage. • Gap Analysis Map as-is to to-be states across people, process, technology, and compliance, prioritizing remediation into quick wins and strategic programs. • Zero Trust enforcement, detection engineering, SOAR automation, and proactive leadership during global zero-day and control plane events. Threat Modeling & Risk Management • Conduct threat modeling and security assessments for new technologies, applications, and infrastructure. • Identify and mitigate risks across enterprise systems, APIs, containers, and third-party integrations. • Collaborate with risk and compliance teams to ensure alignment with frameworks like NIST, ISO 27001, and CIS Controls. Cloud & DevSecOps Enablement • Implement cloud security controls and automation across AWS, Azure, and Google Cloud Platform (IAM, encryption, logging, workload protection). • Integrate security into CI/CD pipelines using tools like Snyk, Checkov, Prisma Cloud, or Aqua Security. • Define and enforce secure coding practices and infrastructure-as-code policies. Security Automation & Engineering • Develop and maintain security automation scripts and playbooks using Python, PowerShell, or Bash. • Build integrations between security tools and SIEM/SOAR platforms (e.g., Splunk, Sentinel, Cortex XSOAR). • Automate vulnerability scanning, patch validation, and compliance reporting. Detection & Response Engineering • Enhance detection capabilities through custom rule creation, log enrichment, and bevioral analytics. • Collaborate with SOC and IR teams to improve incident response workflows and forensic readiness. • Lead purple team exercises and adversary emulation to validate controls and improve resilience. Cross-Functional Leadership • Act as a technical advisor to strategic programs involving cloud migration, M&A, AI/ML adoption, and digital modernization. • Partner with enterprise architects, infrastructure teams, and business units to embed security into strategic planning. • Present security strategies, risk posture, and program outcomes to executive leadership and governance boards. Required Skills & Qualifications Technical Expertise • Deep understanding of security principles across network, application, cloud, and endpoint domains. • Hands-on experience with cloud-native security tools (AWS GuardDuty, Azure Defender, Google Cloud Platform Security Command Center). • Proficiency in scripting and automation (Python, Terraform, Ansible). • Familiarity with container and Kubernetes security (e.g., PodSecurityPolicies, OPA/Gatekeeper, Falco). Certifications • Preferred: CISSP, CCSP, OSCP, GIAC Cloud Security (GCLD/GPCS), AWS/Azure Security Specialty Experience • 7+ years in cybersecurity engineering or architecture roles. • 3+ years leading strategic security initiatives or transformation programs. Soft Skills • Strong analytical and problem-solving skills. • Excellent communication and stakeholder engagement abilities. • Strategic mindset with a focus on innovation and business alignment. • Preferred Qualifications • Experience with Zero Trust frameworks and implementation. • Knowledge of data protection regulations (GDPR, HIPAA, CCPA). • Background in regulated industries (finance, healthcare, government)

Requirements