Cybersecurity Senior Engineer I

Armanino

New York · On-site Full-time Senior $95k – $165k/yr Today

About the role

Below is a concise, easy‑to‑read snapshot of the Cybersecurity Engineer opportunity at Armanino. Use it as a quick reference when you’re reviewing the posting, tailoring your résumé, or preparing for an interview.


📌 Role Overview

  • Title: Cybersecurity Engineer (Security Operations / Cloud Security)
  • Location: Flexible (remote / hybrid options) – specific compensation ranges vary by state (see “Compensation” section)
  • Team: Works across infrastructure, networking, DevOps, and advisory groups to embed security into every layer of the firm’s technology stack.

🛠️ Core Responsibilities

Key tasks by area:

Cloud Security
  • Design & implement controls in Azure & AWS (native & third‑party)
  • Deploy Microsoft Defender, Sentinel, Purview, Entra ID
  • Build IaC (Terraform/ARM/CloudFormation) & automation (PowerShell, Python)
  • Define & enforce cloud security policies, posture monitoring, mis‑configuration remediation

Network Security
  • Configure firewalls, IDS/IPS, DLP, proxies
  • Implement segmentation, micro‑segmentation, secure VPN/remote access
  • Design secure network architecture for M&A integrations
  • Monitor traffic for threats, create detection rules

Security Operations
  • Tune SIEM (alerts, dashboards, reports)
  • Develop incident‑response playbooks & automation
  • Conduct threat hunting, log/forensic analysis
  • Coordinate vulnerability assessments & pen‑test activities

Tooling & Integration
  • Deploy & maintain EDR, CASB, vulnerability scanners
  • Integrate security tools with ITSM & automation platforms
  • Document configurations & procedures

Collaboration & Governance
  • Partner with infrastructure, networking, DevOps teams
  • Apply NIST, CIS, and other frameworks
  • Communicate technical concepts to both technical and business audiences

✅ Minimum Qualifications

  • Experience: ≥ 3 years in cybersecurity engineering or security operations.
  • Hands‑on: Implementation & configuration of security tools (SIEM, EDR, DLP, etc.).
  • Cloud: Practical experience securing Azure or AWS environments.
  • Network: Design/implementation of firewalls, IDS/IPS, segmentation, etc.
  • Automation: Scripting (PowerShell, Python, Bash) and IaC (Terraform/ARM/CloudFormation).
  • Frameworks: Familiarity with NIST, CIS controls, and cloud‑specific security frameworks.
  • Soft Skills: Strong problem‑solving, clear technical communication, self‑direction, and teamwork.

🌟 Preferred (“Nice‑to‑Have”) Credentials

  • Deep expertise in the Microsoft security stack (Defender, Sentinel, Purview, Entra ID).
  • Experience with Palo Alto, CrowdStrike, or similar enterprise tools.
  • Container/Kubernetes security and DevSecOps practices.
  • Pen‑testing/red‑team exposure.
  • Consulting or professional‑services background.
  • Certifications: CISSP, Azure Security Engineer, GIAC, OSCP, etc.

💰 Compensation (2024 ranges)

Salary range by region:

  • Colorado: $95 k – $143.8 k
  • Washington, Illinois, New York, Southern CA: $100 k – $158.2 k
  • Northern California: $105 k – $165.3 k

Actual offer will reflect skill set, experience, and location.


🎁 Benefits & Perks

  • Medical / Dental / Vision coverage
  • Generous PTO + paid sick time & 11 paid holidays
  • Flexible work arrangements (remote/hybrid)
  • 401(k) with profit sharing
  • Wellness program & generous parental leave
  • Long‑term discretionary financial incentive plan (eligible levels)

📜 Legal & Diversity Statements (quick takeaways)

  • EEO employer – no discrimination based on protected classes.
  • Harassment‑free workplace policy.
  • Fair Chance considerations for SF & LA applicants (criminal history not an automatic disqualifier).
  • No unsolicited agency submissions – all candidate contact must go through Talent Acquisition.

📋 How to Use This Summary

  1. Resume Tailoring – Mirror the exact terminology (e.g., “Azure Sentinel”, “Terraform”, “Zero‑Trust”) in your experience bullet points.
  2. Cover Letter Hook – Highlight 2–3 of the core responsibilities that align with your strongest achievements (e.g., “Implemented automated remediation of Azure mis‑configurations using PowerShell and Azure Policy”).
  3. Interview Prep – Be ready to discuss:
    • A specific cloud‑security control you designed and its impact.
    • How you’ve integrated a SIEM with ITSM for automated ticketing.
    • A time you collaborated with DevOps to embed security into CI/CD pipelines.
  4. Compensation Discussion – Use the state‑specific range as a baseline; factor in certifications and years of experience when negotiating.


Requirements

  • Minimum 3 years in cybersecurity engineering or security operations
  • Hands-on security tool implementation and configuration
  • Cloud security experience (Azure or AWS)
  • Network security and architecture experience
  • Scripting and automation experience
  • Security architecture and control frameworks (NIST, CIS)
  • Cloud security (Azure or AWS security services)
  • Network security technologies (firewalls, IDS/IPS, DLP, proxies)
  • Endpoint security (EDR, DLP, device management)
  • Identity and access management (Entra ID, Active Directory)
  • SIEM platforms and log analysis
  • Strong problem-solving and analytical thinking
  • Self-directed with ownership of technical domains
  • Clear technical communication to varied audiences
  • Collaboration across technical and business teams
  • Continuous learning mindset for evolving threats and technologies

Responsibilities

  • Design and implement security controls across cloud and on-premises environments
  • Build security automation using PowerShell, Python, or infrastructure as code
  • Configure and optimize security tools (SIEM, EDR, DLP, CASB, vulnerability scanners)
  • Implement zero trust security principles across identity, network, and data
  • Partner with infrastructure, networking, and DevOps teams on secure designs
  • Secure Azure and AWS environments with native and third-party controls
  • Implement Microsoft Defender, Sentinel, Purview, and Entra ID security features
  • Design and enforce cloud security policies and governance
  • Monitor cloud security posture and remediate misconfigurations
  • Support secure AI/ML platform implementation
  • Configure and maintain network security controls (firewalls, DLP, IDS/IPS)
  • Implement network segmentation and micro-segmentation
  • Design secure network architecture for M&A integrations
  • Monitor network traffic for threats and anomalies
  • Support VPN, remote access, and secure connectivity solutions
  • Build detection rules and alerts in SIEM platforms
  • Develop incident response playbooks and automation
  • Perform threat hunting and security investigations
  • Conduct vulnerability assessments and penetration testing coordination
  • Analyze security logs and forensic artifacts
  • Evaluate, deploy, and maintain security technologies
  • Tune security tools to reduce false positives and improve detection
  • Create dashboards and reports for security metrics
  • Integrate security tools with ITSM and automation platforms
  • Document security tool configurations and procedures

Benefits

  • Paid time off
  • Health insurance
  • Dental coverage

Skills

Active Directory, ARM templates, AWS, AWS Lambda, Bash, CASB, CIS, CISSP, CloudFormation, Container security, CrowdStrike, DevOps, DLP, Docker, EDR, Entra ID, GIAC certifications, IaC, IDS/IPS, ITSM, Kubernetes security, Microsoft Defender, Microsoft Purview, Microsoft Sentinel, NIST, OSCP, Palo Alto, Penetration testing, PowerShell, Python, Red team, SIEM, Terraform, Vulnerability scanners, Zero trust
