Security Engineer

Company: CBIZ
Location: Independence, OH, 44131
Posted: March 20, 2026

Description:

Responsibilities

The Security Operations Engineer is a hands-on, technical role responsible for building, operating, and improving CBIZ's security controls while actively responding to security events across our hybrid and cloud environments. This is not a passive monitoring or ticket-routing position: this role owns problems end-to-end, drives investigations and fixes, and helps engineer a modern, resilient security stack.

Essential Functions and Primary Duties:

Security Operations & Incident Response

Actively investigate and respond to security alerts across SIEM, XDR, NDR, identity, email, endpoint, and cloud security tools.

Lead incident handling from triage through containment, eradication, recovery, and lessons learned.

Perform root-cause analysis, validate remediation, and document findings and actions.

Participate in an on-call rotation and after-hours response as needed.

Security Engineering & Cloud Security

Configure, harden, and maintain security controls in:

Microsoft Azure and Azure Virtual Desktop (AVD)

Amazon Web Services (AWS)

Microsoft 365 security and compliance platforms

Engineer and operationalize controls for identity protection, email/phishing defenses, DLP, conditional access, and tenant security baselines.

Secure and monitor cloud workloads, identities, and data across hybrid and multi-cloud environments.

Support and troubleshoot certificate-based authentication and encryption using PKI.

Tune and refine detections for cloud, identity, and email-borne threats.

Security Tooling, Automation & AI

Administer and tune core security platforms, including:

SIEM and log pipelines

Endpoint/XDR

Network security (URL/content filtering, zero-trust access)

CASB and file-based DLP

Identity and access management

Email security and DLP

Use scripting and automation (PowerShell, Python, Bash, SOAR workflows) to streamline investigations, orchestrate response actions, and reduce manual toil.

Help evaluate and responsibly use AI-enabled security features to improve detection quality and analyst efficiency.

Execution, Documentation & Process Improvement

Take clear ownership of assigned tickets, projects, and initiatives through completion.

Balance reactive incident work with proactive engineering, cleanup, and hardening activities.

Create and maintain operational documentation: runbooks, playbooks, SOPs, and KB articles that reflect how work is done.

Identify gaps, propose improvements, and help mature SecOps processes and coverage.

Collaboration & Communication

Partner closely with GRC, IT, Cloud, Networking, Systems, Endpoint, and Business teams to drive secure outcomes.

Communicate clearly and professionally during incidents and change work, including status, risk, and next steps.

Provide technical guidance and mentorship to analysts and peers where appropriate and escalate issues effectively.

Preferred Qualifications:

8+ years of experience in Information Security, Security Operations, or Security Engineering.

Proven, hands-on experience with security investigations, incident response, and security control engineering.

Experience securing cloud environments (Azure and/or AWS) and operationalizing Microsoft 365 security capabilities (email protection, DLP, etc.).

Experience supporting or securing Azure Virtual Desktop (AVD).

Working knowledge of PKI and certificate-based authentication/encryption.

Experience with Linux (CLI, logs, services) and strong PowerShell skills for administration and SecOps.

Solid understanding of core security concepts: networking, identity and access, endpoint and malware fundamentals, and common attack techniques.

Demonstrated ability to work independently, exercise sound judgment, and drive work to completion.

Strong scripting/automation skills (PowerShell, Python, Bash) and experience with SOAR or automated response.

Exposure to AI-driven security tools or analytics.

Security certifications such as Security+, ISC2 CC/CISSP, or other relevant credentials.

Prior experience in a SOC or large enterprise security environment, and/or experience supporting mergers, integrations, or large-scale security transformations.

Qualifications

Minimum Qualifications

College Degree or equivalent

6 years related experience

Expert technical knowledge

Knowledge of industry regulations

Ability to lead and coordinate the team activities of others

Ability to formulate, document and recommend new policies and procedures

Able to work in and lead a team

Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally

Ability to travel as required by business and on-call availability

About Us

CBIZ Inc. is a leading professional services advisor to middle market businesses and organizations nationwide. With unmatched industry knowledge and expertise in accounting, tax, advisory, benefits, insurance, and technology, CBIZ delivers forward-thinking insights and actionable solutions to help clients anticipate what's next and discover new ways to accelerate growth. CBIZ has more than 10,000 team members across more than 160 locations in 22 major markets coast to coast.

CBIZ strives to be our team members' employer of choice by creating an environment where team members are appreciated, recognized for their contributions, and provided with opportunities to grow, both personally and professionally, throughout their careers.

Together, CBIZ and CBIZ CPAs are ranked as one of the top providers of accounting services in the United States. CBIZ CPAs is an independent CPA firm that provides audit, review and attest services, while CBIZ provides business consulting, tax and financial services. In certain jurisdictions, CBIZ CPAs operates under its previous name, Mayer Hoffman McCann P.C.
