Posted 1w ago

Cybersecurity Operations Engineer

@ Momentum
Dallas, Texas, United States
Onsite, Full Time
Responsibilities: MDR operations, Incident response, Endpoint security
Requirements Summary: 7–9 years in cybersecurity operations or security engineering; MDR, incident response, endpoint/cloud security; POC evals of security platforms; CIS/CIS Hardenings; MITRE ATT&CK mapping; AI/automation usage; experience in holding company environments.
Technical Tools Mentioned: CrowdStrike Falcon, Jamf Protect, Jamf Connect, Jamf, Cortex XDR, XSIAM, Prisma Access, Prisma Cloud, AWS, GCP, Azure, GitHub Actions
Job Description

 

Momentum is a respected collection of independent companies, including PMG, Koddi, and Further. We serve as a premier global business transformation partner for over 125 of the Fortune 500 brands. With 1,400 global employees and $5B in media spend under management, we foster a fast-growing, values-driven, people-first environment where you can thrive.

Our portfolio of companies partners with some of the world’s most iconic and ambitious brands. We combine scalability with a solutions-oriented approach to deliver fast-paced, innovative results for our customers while creating meaningful growth opportunities for our teams.

If you are looking for opportunities to grow in your career and are passionate about being at the forefront of data and technology, and driving rapid innovation in the future of commerce, we would love to talk with you about joining Momentum.

We believe that a culture of belonging, inclusion, and diversity is key to empowering our team members to thrive both personally and professionally. Living out our values is not just a goal; it's a daily practice! For more information, please visit www.momentum.com.

 

The Opportunity 

We are seeking a Cybersecurity Operations Engineer to run security operations across a holding company and its portfolio of businesses while leading the technical evaluation of our next-generation security stack.

This role owns MDR operations, incident response, endpoint security, and cloud security posture today, while driving proof-of-concept (POC) efforts for Palo Alto Cortex XDR/XSIAM and Prisma Access as we evaluate consolidating our MDR and moving toward a unified SASE and cloud security architecture.

You will work closely with the Cybersecurity Manager and vCISO, collaborate with the Sr. IT Operations Engineer on identity and endpoint controls, and partner with portfolio company IT and engineering teams. This role will also address critical gaps including cloud security strategy, CIS hardening, CASB/DLP, vulnerability management, and continuous pentesting.

Join us in this Full-time role, based in our Dallas Office at the Link: 2601 Olive Street, Dallas, TX. Be part of a vibrant community where amazing people, data & insights, and perpetual innovation converge to shape the future of digital commerce!

 

About This Role at Momentum

What You’ll Do

MDR Operations & Incident Response

  • Serve as primary liaison to the MDR provider; own escalation workflows, alert triage, and SLA accountability across all entities
  • Act as primary incident responder, leading containment, eradication, recovery, and post-incident documentation
  • Maintain and test incident response playbooks aligned to MITRE ATT&CK
  • Lead tabletop exercises in coordination with the vCISO and drive IR maturity across portfolio companies
  • Lead technical evaluation of Palo Alto Cortex XSIAM, including POC design, capability assessment, and transition planning

Endpoint Security & Hardening

  • Own endpoint security posture across ~1,400 macOS and 300 Windows devices
  • Eliminate local admin access across the macOS fleet (priority initiative)
  • Manage Jamf, Jamf Protect, and Jamf Connect; maintain CrowdStrike configurations and detection tuning
  • Define and implement CIS baselines and hardening standards across endpoints and servers

Palo Alto Platform Evaluation

  • Lead POC for Cortex XDR/XSIAM: scenario design, detection validation, and operational fit
  • Evaluate Prisma Access (SASE: ZTNA, SWG, CASB) and Prisma Cloud (CSPM/CWPP)
  • Produce technical assessments covering capability gaps, integration complexity, migration risk, and total cost of ownership
  • Own implementation if selected

Cloud Security & Vulnerability Management

  • Own cloud security strategy across AWS, GCP, and Azure
  • Expand CloudTrail and GuardDuty coverage across environments
  • Secure CI/CD pipelines (GitHub Actions), enforce secrets management and least-privilege IAM
  • Evaluate and implement vulnerability management platform; enforce remediation SLAs and reporting

CASB, DLP & Detection Engineering

  • Lead CASB and DLP vendor evaluation and implementation
  • Maintain and improve CrowdStrike Next-Gen SIEM/LogScale detection rules
  • Map detection coverage to MITRE ATT&CK (focus on IAM abuse, lateral movement, data exfiltration)
  • Evaluate and implement continuous pentesting platforms (Pentera, NodeZero, Horizon3)

Portfolio Company Engagement

  • Conduct technical security assessments across portfolio companies
  • Support DevSecOps and secure SD

 

What We’re Looking For

Required Qualifications

  • 7–9 years of experience in cybersecurity operations, security engineering, or senior SOC/IR roles

  • Hands-on MDR experience (alert triage, escalation workflows, MSSP management)

  • Deep expertise with CrowdStrike Falcon (EDR, detection tuning, SIEM/LogScale)

  • Endpoint security at scale (macOS with Jamf, Windows with Intune)

  • Proven incident response leadership (led incidents end-to-end)

  • Cloud security experience in AWS and either GCP or Azure (IAM, CloudTrail, GuardDuty, secrets management)

  • Experience leading enterprise security platform evaluations and POCs

  • Familiarity with SASE, CASB, or SSE architectures

  • Active daily use of AI and automation (100% internal AI adoption; required)

  • Experience in private equity, holding company, or multi-entity environments preferred

Preferred Qualifications

  • Palo Alto Networks experience (Cortex XDR, Prisma Access, Prisma Cloud); PCNSE preferred

  • Jamf Protect and Jamf Connect at scale

  • Continuous pentesting platforms (Pentera, NodeZero, Horizon3)

  • DLP tooling (policy design, data classification, endpoint/cloud enforcement)

  • MITRE ATT&CK expertise (detection mapping, threat modeling, tabletop exercises)

  • CIS benchmark implementation and enterprise-scale hardening

Preferred Certifications

  • PCNSE

  • GCIH

  • GCIA

  • CrowdStrike CCFA / CCFR

  • Or equivalent certifications

 

Commitment to Diversity and Inclusion at Momentum

At Momentum, our commitment to change for the better is reflected in our dedication to fostering a culture of belonging, inclusion, and diversity. We recognize diversity and inclusion as key components of our company's success and growth. Recognizing the ongoing journey ahead, we are determined to make lasting impacts through the collective efforts of our Leadership team, People & Culture team, and every employee.

Momentum is an equal opportunity employer, considering all qualified applicants regardless of characteristics protected by law. These include, but are not limited to, race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, ancestry, and Veteran status. We actively seek qualified applicants from diverse backgrounds, with no consideration of criminal histories, in alignment with applicable legal requirements.

Should a reasonable accommodation be necessary for the application process and beyond, we are eager to review and provide reasonable accommodations as needed, in compliance with applicable laws.

 

Total Rewards

At Momentum, we prioritize the well-being of the whole individual. We are committed to supporting our people in every moment that matters on their journey with us! We are pleased to offer a comprehensive total rewards package designed to provide protection, peace of mind, and a focus on overall well-being while helping our people plan for the future.

The base salary range for this position may vary based on location. Actual compensation will be determined by role, level, and location, considering additional factors such as job-related skills, experience, and relevant education or training. For roles eligible for remote work, the base salary is tailored to the designated work location. In addition to the base salary, candidates may be eligible to receive a discretionary annual bonus, determined based on both the company's business performance and individual contributions. The People & Culture team will provide specific details during the hiring process.

We take pride in offering a comprehensive benefits package for our full-time employees, encompassing healthcare benefits, a 401(k) plan with an employer match, short-term and long-term disability coverage, life insurance, paid time off, parental leave, and various paid holidays, among other perks.

Our workplace offers opportunities for involvement in a wide range of challenging and impactful projects, across diverse industries and business models, fostering career advancement and development within our growing organization. The culture is highly collaborative and supportive, contributing to a fulfilling professional journey.

 

Note on Confidentiality

Any personal data collected during the application process will be treated with the utmost confidentiality and privacy.