
Staff Security Engineer

Red Cup IT, Inc.

National
Full Time
Paid
  • Responsibilities

    Red Cup IT is seeking a Staff Security Engineer to drive security excellence across our entire portfolio. Unlike traditional internal roles, a Staff Engineer at an MSP designs, oversees, and scales security solutions across hundreds of diverse client environments.
    At this level, your focus shifts from executing tasks to defining the strategic framework for how security is delivered across our entire fleet.

    Core Responsibilities

    1. Security Architecture & Strategy

    • Scalable Standards: Develop security baselines (NIST, CIS, ISO 27001) adaptable for diverse clients, from small clinics to mid-market enterprises.

    • The "MSP Stack": Select and manage multi-tenant security tools, including SIEM/MDR, EDR/XDR, and automated vulnerability scanners.

    • Service Innovation: Collaborate with Sales and Product teams to design new "Security-as-a-Service" offerings, such as vCISO services or managed phishing simulations.

    2. High-Level Technical Leadership

    • Tier 4 Escalations: Serve as the ultimate technical authority for complex breaches and persistent threats that exceed the scope of Tier 1–3 analysts.

    • Advanced Automation: Utilize Python, PowerShell, or Bash to automate threat hunting and remediation across thousands of endpoints.

    • Cloud Governance: Secure multi-cloud environments (Azure, AWS, GCP) with a focus on Identity Management (MFA/Conditional Access) and encryption.

    3. Mentorship & Governance

    • Team Development: Mentor junior and senior engineers through architectural deep-dives and code reviews.

    • Compliance Leadership: Guide clients through regulatory audits (HIPAA, GDPR, PCI DSS) and maintain the MSP's internal SOC2 compliance.

    Required Skills & Qualifications

    • Experience: 8–12+ years in IT and Cybersecurity.

    • Technical Mastery: Expert-level knowledge of EDR, SIEM (Sentinel, Splunk), Firewalls (Fortinet, Palo Alto), and Identity (Entra ID).

    • Cloud & Zero Trust: Deep expertise in cloud-native security and Zero Trust architecture.

    • DevOps Mindset: Proficient in using Python or PowerShell for API integrations and security automation.

    • Communication: Ability to translate complex "zero-day" risks into clear business impacts for non-technical stakeholders (CEOs/CFOs).

    • Certifications: CISSP (highly preferred), CISM, CCSP, or advanced provider certifications (AZ-500, PCNSE).