We are seeking a Senior Staff Security Engineer who operates at the nexus of high-level strategy and multi-tenant operational excellence. While a traditional internal role secures a single enterprise perimeter, you are responsible for the integrated defense fabric of a vast portfolio of diverse client environments.
You will navigate the complexities of varied compliance needs and legacy technical debt, transforming them into a unified, scalable security posture. This is a technical leadership role designed for an expert who prefers the keyboard and the whiteboard over a people-management track, focusing on the "big picture" of our global security product stack.
Core Responsibilities
1. Strategic Security Architecture & Product Strategy
- Scalable Multi-tenancy: Architect and maintain hardened, isolated security stacks (SIEM, EDR, XDR) designed to scale across hundreds of distinct client environments.
- Product Vetting: Serve as the technical lead for vendor evaluations, "battle-testing" emerging tech to define our global standard offerings.
- Global Standardization: Engineer "Gold Image" baselines and automated deployment templates based on CIS and NIST frameworks to ensure rapid, secure onboarding.
2. Tier 4 Escalation & Forensic Mastery
- Final Authority: Serve as the ultimate technical escalation point for the SOC, leading the response to sophisticated APTs and complex breaches.
- Post-Mortem Leadership: Conduct deep-dive Root Cause Analysis (RCA) and translate incident findings into systemic, fleet-wide preventative measures.
3. Security Engineering & Hyper-Automation
- Security as Code: Build the automation tissue that connects our stack, utilizing Python, PowerShell, and Terraform to automate threat containment and patch management.
- Integration Engineering: Develop custom API integrations to bridge gaps between vulnerability scanners, RMM tools, and ticketing systems for seamless auto-remediation.
4. High-Stakes Advisory & Governance
- Strategic vCISO: Act as a high-level advisor for key accounts, translating abstract risk into actionable business roadmaps for C-suite stakeholders.
- Compliance Orchestration: Oversee technical evidence collection and governance for HIPAA, SOC 2, and CMMC, ensuring our clients remain audit-ready.
Technical Profile
| Category | Competencies |
| --- | --- |
| Cloud & Identity | Expert-level AWS/Azure security; Zero Trust Architecture (ZTA); Advanced IAM/Entra ID. |
| SecOps & Intelligence | Advanced SOAR/SIEM engineering (Sentinel, Splunk, CrowdStrike); MITRE ATT&CK mapping. |
| Network Defense | Deep-packet inspection; BGP security; SD-WAN; SASE; Micro-segmentation. |
| Automation / IaC | Proficiency in Python, Terraform, or Ansible for infrastructure-as-code. |
| Certifications | CISSP (Highly Preferred), CISM, CCSP, or specialized GIAC (GCIH/GCFA). |
Experience & Qualifications
- 8–12+ Years in Information Security, with a significant background (3+ years) in multi-client consulting or MSP environments.
- Force Multiplier: Proven track record of leading cross-functional projects and mentoring senior engineers without direct-report authority.
- Bilingual Communication: The rare ability to pivot from a deep-dive technical audit with an engineer to a risk-based ROI presentation for a CEO.
Why This Role?
In a traditional corporate environment, you protect a centralized network. At an MSP, you are designing the security blueprint for an entire sector of the economy.

> The MSP "Hidden" Mandate:
> This isn't about maintaining a single environment; it’s about engineering resilience across a global footprint. You will have the autonomy to choose the tools, the authority to set the standards, and the responsibility to safeguard hundreds of organizations simultaneously.