Senior Corporate Cyber Security Engineer

About Semperis

Semperis focuses on creating an employee experience aligned with our vision—being a Force for Good—starting with being a good workplace. Recognized as one of America’s Fastest-Growing Cybersecurity Companies on the Inc. 5000 List, a DUNS 100 top Start Up to work for, and Inc. Best Workplace for multiple years. With teams around the world, you’ll work alongside top global talent in Cybersecurity and Identity Access Management.

What we are looking for

Semperis is seeking a Senior Corporate Cyber Security Engineer dedicated to the dynamic field of cybersecurity. This role requires over 5 years of proven experience in Cyber Security, securing cloud applications, infrastructure and networks, with strong expertise in corporate security use cases, tools and methodologies. A strong focus on Azure and AWS environments is required.

What you will be doing

• Ensure adoption of SaaS and Cloud providers’ tools and infrastructure adheres to industry leading standards such as SOC Type 2, NIST and HIPAA, while aligning with organizational policies.
• Identify, assess and prioritize security risks across the organization.
• Develop and implement strategies to mitigate identified risks, reducing the organization's exposure to potential threats.
• Implement business focused controls to safeguard Semperis cloud entities, accounts and services mainly hosted in Azure and AWS clouds.
• Design and implement DLP strategies to protect sensitive data across the organization.
• Monitor, detect and respond to insider threats using advanced tools and methodologies.
• Advise on secure architecture across infrastructure, applications and operational technology to ensure robust security for cloud infrastructure, networks and applications including services and components like Azure Kubernetes Service (AKS), Azure Web Apps, Application Gateways, Web Application Firewalls (WAFs), ISTIO, Network Security Groups (NSGs), and Azure Firewall.
• Implement security best practices for containerized environments (e.g., AKS).
• Enhance the security posture of web applications and APIs using best-in-class tools and methodologies.
• Work directly with senior leaders to align the Security Operations strategy with overall business objectives and risk management framework.
• Collaborate with the compliance team to maintain and audit security controls and processes, ensuring compliance with relevant security frameworks and certifications such as SOC2 Type 2, NIST, HIPAA, and others.
• Manage B2B and B2C identity scenarios, ensuring secure collaboration and access for external users while maintaining the integrity of each tenant’s security posture.
• Establish and monitor cross-tenant access settings, ensuring minimal privilege principles are adhered to.
• Collaborate with security teams across the company to integrate threat intelligence into the organization’s incident response plans.
• Develop and refine incident response plans and playbooks to ensure timely and effective responses to security threats.
• Create and maintain comprehensive security documentation, including policies, procedures, incident response plans, risk assessments and post incident reports.
• Collaborate with Semperis Security and Engineering teams to provide cloud controls training.

What you will bring to the table

• Over 5 years proven experience and proficiency in evaluating, deploying and operationalizing tools such as:
  • Azure Specific Security knowledge: Azure security center, policy and blueprints, Azure Key Vault including integration with AKS and other services
  • O365 compliance and security including Entra ID governance and protection, endpoints protection and vulnerability management
• Strong understanding of DevOps and Agile Methodologies
• Compliance and regulatory knowledge: GDPR, HIPAA, PCI-DSS
• Passion for automation with ability to identify workflow improvements and scalable tools
• Proficiency in cloud infrastructure automation
• Scripting proficiency in languages like Python and Powershell
• Knowledge in evaluating, deploying and operationalizing tools such as SOAR, XDR, UEBA, IAM, CSPM, DSPM
• Azure DevOps Security: Secure CI/CD pipelines, security integration into the DevOps lifecycle and dependency scanning within Azure DevOps pipelines

Equal Opportunity

Semperis is an equal opportunity employer and will not discriminate based on legally recognized protected bases. Applicants with disabilities may be entitled to reasonable accommodation under applicable laws. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to participate in the application process.