Senior Security Engineer

Must-haves - 5+ years of hands‑on experience in information security, with a strong blue team focus - Proven experience in incident response, threat detection, and vulnerability management - Hands‑on experience with Microsoft Defender (EDR) and Microsoft Sentinel (SIEM) - Experience securing Azure and Microsoft 365 environments - Ability to act as an escalation point and lead security investigations - Bachelor’s degree in a related field or equivalent hands‑on experience – CISSP required Day-to-Day A mid‑size hospital system based in Philadelphia is seeking an experienced Lead Security Engineer to join its Cyber Security team. This role will serve as a hands‑on technical leader for the organization’s blue team security operations, while also managing and mentoring a team of three security analysts. Red team experience is a strong plus. This individual will play a critical role in protecting the organization’s cloud and enterprise environments, leading incident response efforts, strengthening vulnerability management practices, and advancing the overall security maturity of the organization. Key Responsibilities - Lead day‑to‑day blue team security operations, including incident response, threat detection, and vulnerability management - Serve as an escalation point for security incidents, conducting hands‑on investigations related to malware, data loss, insider threats, and other security events - Manage, mentor, and develop a team of three security analysts, providing technical guidance, prioritization, and performance oversight - Design, implement, and optimize security controls across Microsoft Azure and O365 environments, including identity, endpoint, and cloud security - Utilize and manage Microsoft security tools such as Microsoft Defender, Microsoft Sentinel (SIEM/SOAR), and related Azure security services to monitor, detect, and respond to threats - Contribute to the development and implementation of the organization’s security governance model, policies, and standards - Develop and maintain security metrics and reporting to measure operational effectiveness, risk posture, and security maturity - Partner closely with IT, infrastructure, cloud, and business stakeholders to understand requirements and influence system and architectural decisions from a security perspective - Support vulnerability assessment and remediation efforts, working with technical teams to drive risk reduction - Collaborate with red team resources as applicable; prior hands‑on red team or offensive security experience is a strong plus