Network Security Engineer

We are looking for a mid-level Security Administrator to join our small, close-knit IT team as its dedicated security expert. This is a hands-on role where you will own security across our Microsoft 365 environment, network perimeter, and endpoints — working directly alongside IT generalists rather than within a separate security function. You will need to be equally comfortable setting security direction and getting into the technical detail yourself.

On the Microsoft 365 side, you will maintain our email security platform, keep DLP policies and information protection controls current across M365 and other platforms, and conduct regular reviews of identity and access configurations in Entra ID — including Conditional Access, PIM, and MFA enforcement. For network security, you will configure and manage our next-generation firewalls, VPNs, threat prevention profiles, and related controls, ensuring our perimeter stays hardened and integrated with our identity environment. You will also own our XDR and SIEM platforms end-to-end, from deployment and policy configuration through to analytic rule authoring and alert tuning, and will take the lead on incident response when things go wrong — running the full lifecycle from triage to post-incident review and keeping management informed throughout.

We are looking for someone with three to six years of relevant experience. Hands-on experience with Microsoft 365 security, Entra ID, and hybrid identity is beneficial, and practical familiarity with EDR, XDR, and SIEM tooling — including CrowdStrike or a comparable platform — is required. Experience with NGFW configuration and VPN management is desired, as is exposure to Palo Alto products and cloud-delivered security services; the PCNSE certification is a plus. Windows and Linux endpoint hardening knowledge is also valued. Familiarity with Zero Trust and SASE concepts, GRC frameworks such as NIST CSF or ISO 27001, and the ability to communicate risk clearly to non-technical stakeholders will all strengthen your application.

This role suits someone who thrives in a small team, manages competing priorities confidently, and takes ownership without needing close oversight. If you are a practical, collaborative security professional who wants broad scope and real impact, we would love to hear from you.

Qualifications

• Three to six years of relevant security or security-adjacent IT experience.
• Hands-on experience securing Microsoft 365 environments, including email security platforms, DLP and information protection policies, and Entra ID configuration (Conditional Access, PIM, MFA enforcement).
• Practical experience with EDR/XDR and SIEM platforms end-to-end: deployment, policy configuration, analytic rule authoring, and alert tuning. CrowdStrike or comparable platform experience required.
• Experience configuring and managing next-generation firewalls, VPNs, and threat prevention profiles. Palo Alto and Strata Cloud experience preferred.
• Ability to learn & lead incident response across the full lifecycle: triage, containment, remediation, and post-incident review — and to communicate status and risk clearly to non-technical stakeholders.
• Working knowledge of Windows and Linux endpoint hardening.
• Familiarity with Zero Trust and SASE architectures, and with GRC frameworks such as NIST CSF
• Understanding of information security principles relevant to financial institutions, including data protection, governance, and NCUA regulatory requirements.
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field — or equivalent hands-on experience.
• Relevant certifications such as CISSP, CISM, PCNSE, Security+, or GSEC are a plus.
• Self-directed, collaborative, and comfortable balancing competing priorities in a small IT team.