Trusted local advisors enhanced by specialists nationwide. (NYSE: CBZ)
Lead Security Engineer
Location
New York
Posted
10 hours ago
Salary
$111K - $180K / year
Seniority
Senior
Job Description
Lead Security Engineer
CBIZ
• The Lead Security Engineer (Cloud & Enterprise Security Engineering) is responsible for designing, implementing, hardening, integrating, and continuously improving security technologies across varied domains. • Translate security requirements into scalable and reliable technical solutions. • Engineer secure-by-default solutions, improve platform capabilities, automate security functions, and drive long-term technical maturity. • Own complex technical initiatives from design through implementation, support, optimization, and documentation. • Create and maintain actional documentation including architecture diagrams, standards, SOPs, and runbooks.
Job Requirements
- College Degree or equivalent required
- 8 years related experience
- Expert technical knowledge
- Knowledge of industry regulations
- Ability to lead and coordinate the team activities of others
- Ability to formulate, document and recommend new policies and procedures
- Able to work in and lead a team
- Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
- Ability to travel as required by business and on-call availability
Benefits
- Compensation for this role will be based on the background of the individual selected for this position. For more details see the “About Us” section.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description This role’s mission & overview: Camps trust Campminder to keep their data safe, and that trust is what lets them focus on running a great summer. You'll own how we protect that data end to end: - Architecting and hardening our security infrastructure - Carrying our PCI and SOC2 programs through every audit - Setting the roadmap that keeps us ahead of real threats - Being the person the engineering org comes to on security - Defining what good looks like at Campminder As a Senior Cybersecurity Engineer on our Engineering team, you will: - Manage identity and access infrastructure, including Azure conditional access, Okta SSO, and Auth0, keeping MFA and zero-trust enforced across production and internal apps - Integrate security scanning (SAST, DAST, SCA) into CI/CD pipelines and drive remediation before code reaches production - Configure, tune, and harden WAF rules across our web applications - Own vulnerability scanning and remediation using tools like Mondoo and SecurityMetrics, and administer EDR, DLP, and SIEM/XDR tooling across servers and endpoints - Manage secrets and credentials in build pipelines, including vault-based storage, rotation, and least-privilege service accounts - Execute PCI technical controls: SAQ completion, quarterly ASV scans, and disaster recovery implementation - Harden containerized and cloud-native environments, including image scanning and Kubernetes configuration - Coordinate pen testing engagements and drive remediation against SLA timelines - Run security awareness training programs (KnowBe4, Security Journey) and maintain AI usage oversight, including approved tooling, code-gen governance, and supply-chain monitoring Qualifications - 5+ years in security engineering or DevSecOps, with hands-on ownership of both pipeline-level and infrastructure-level security - Experience configuring IAM and SSO platforms (Okta, Auth0) alongside cloud-native identity controls like Azure conditional access - Comfort embedding security directly into CI/CD workflows: SAST/DAST/SCA tooling, secrets management, and policy-as-code - A track record hardening containerized and cloud-native environments, including Kubernetes and image scanning - Experience executing PCI or similar compliance technical controls (scans, SAQs, evidence prep); program ownership isn't required, but you know how to translate auditor requirements into engineering work - Familiarity administering SIEM/XDR and EDR/DLP tooling - The judgment to triage real vulnerabilities over theoretical ones, and to know when to escalate versus fix directly - Experience running or supporting security awareness and training programs - Exposure to AI tooling governance, such as MCP inventories, code-gen release gating, or supply-chain monitoring for AI-assisted development Benefits - Robust medical, dental, and vision coverage options with generous employer contributions, plus a $500 employer HSA contribution for HSA-compatible plans - Ability to choose where you work - remotely, in the office, or a mix! - A variety of resources to support mental health and emotional well-being - 12 weeks of 100% paid parental leave for all new parents, including via adoption, surrogacy, and foster care - 401(k) with 4% company matching - Trust-Based (flexible) PTO (and yes, we use it!) - $900/year wellness allowance - Company-paid subscriptions, training, and support for using AI professionally and personally Company Description We know the best people can choose to work anywhere. Here’s a few reasons why 100+ of them choose Campminder: - With 20+ years experience of serving the industry through its digital transformation, we’re stable, profitable, and have developed a loyal customer base (that continues to grow). - We build software for summer camps, an industry that enables meaningful experiences for kids. - We work on interesting, ambitious projects that create real value for our clients. - We know our team members feel their work has an impact on the organization’s purpose. - We are genuinely committed to work/life balance. - We invest in emerging technology and cutting-edge leadership and are proud to take an "AI-Enabled" approach in our solutions. - We’ve been listed on Outside Magazine’s 50 Best Places to Work for 8 consecutive years for our values-led culture and employee experience.
• Pre-sales - assist in qualifying sales leads from a technical standpoint. • Sales calls - be the main technical resource on sales calls and answer/ educate the customer on issues ranging from features, specifications and functionality to integration. • Conversant with networking applications and solutions. • Experience with virtualization, NFV and emerging SDN technologies • Post-sales - be the lead technical contact for identified accounts for technical issues and will work closely with the technical support team and engineering to answer, elevate and resolve customers technical issues. • Provide assistance to identified customers with post-sales training. • Regularly interface, provides presales support and assist in training Fortinet Channel partners in your region. • Presenting at events, seminars, customer and partner meetings • Flexible to travel. Travel will primarily be within the SEs designated region, but may also include occasional travel to other regions.
• Extensive experience in pre-sales designing and proposing secure platform solutions • Building technical security solutions, proving their viability and providing technological justifications • Design complete network, cloud and security solutions providing strong technical roadmaps • Identify technical opportunities within the field to increase pipeline growth and team prosperity • Leading proof of concept valuations, technical workshops and events • Collaborate with Account Manager to answer/ educate the customer on issues • Strategizing about future services or capabilities customers may require within your account base • Support your customer through issue resolution by collaborating with TAC and other technical resources • Build technical business relationships with key customers and partners • Regularly interface, providing technology enablement in your region • Mentor others with your expertise while collaborating with a team of industry experts
Role Description ¡Prepárate para vivir una nueva etapa con Periferia IT Group! Si tienes experiencia como Cloud Security Engineer y quieres generar un impacto en el mundo tecnológico, esta es tu oportunidad para unirte a nuestro equipo. Trabajarás con más de 1,000 profesionales en una multinacional colombiana líder en el sector TI, con fuerte presencia en América Latina y Estados Unidos. ¡Impulsa tu carrera con nosotros y haz crecer tu potencial! - Únete a nuestra cultura Periferia enfocada al servicio y la innovación, donde cada idea cuenta para superar las expectativas de nuestros clientes. - Sumérgete en un entorno laboral dinámico que fomenta el aprendizaje continuo y el desarrollo personal. - Participa en proyectos desafiantes donde podrás aplicar tus conocimientos y habilidades para generar un impacto real. - Disfruta de un equilibrio entre tu vida personal y laboral, mientras promovemos el bienestar integral de todos nuestros colaboradores. Qualifications - Ser PROFESIONAL en Ingeniería de Sistemas o carreras afines. - Contar con experiencia superior a 3 años en ciberseguridad, seguridad de aplicaciones y protección de APIs y microservicios. - Dominar en un nivel ALTO API Gateway OCELOT, hardening de infraestructura, OWASP, CIS, autenticación, autorización, TLS y gestión de vulnerabilidades. - Contar con conocimientos en seguridad de redes, segmentación, firewalls, gestión de secretos, logging, monitoreo de seguridad y arquitecturas de microservicios on-premise. - Tener la capacidad de adaptarse a nuevas tecnologías y enfoques innovadores para maximizar su impacto. Requirements - Ejecutar diagnósticos de seguridad sobre API Gateway OCELOT y microservicios, identificando vulnerabilidades y oportunidades de mejora. - Diseñar e implementar controles de seguridad, incluyendo hardening, autenticación, autorización, cifrado TLS y protección de la infraestructura de red. - Implementar mecanismos de monitoreo, gestión de secretos, logging y documentación técnica, asegurando la continuidad operativa y la transferencia de conocimiento al cliente. - Coordinar actividades con los equipos de Desarrollo, DevOps, Infraestructura y Redes, gestionando riesgos y asegurando el cumplimiento de las mejores prácticas de ciberseguridad. Benefits - Trabajo remoto en Colombia. - Contrato por prestación de servicios. - Salario a convenir según experiencia y habilidades. - Beneficios a la carta para tu bienestar y estilo de vida.


