Senior - Security Engineer, Information Security

Remote Full-time
Citrin Cooperman offers a dynamic work environment, fostering professional growth and collaboration. We’re continuously seeking talented individuals who bring a problem-solving mindset, fresh perspectives, and sharp technical expertise. We know you have choices, so our team of collaborative, innovative professionals is ready to support your professional development. At Citrin Cooperman, we offer competitive compensation and benefits and, most importantly, the flexibility to manage your personal and professional life so you can focus on what matters most to you.

We are seeking a Senior – Security Engineer, Information Security, to join our Information Security team within the Information Technology department. This role is responsible for protecting the organization's digital assets through the deployment, management, and optimization of security technologies, including but not limited to Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), and email security. The ideal candidate will manage the vulnerability and threat programs, lead incident response efforts, and have strong technical skills in threat detection and security operations.

Responsibilities include, but are not limited to:

Enterprise Detection and Response
• Deploy and manage EDR solutions across enterprise endpoints including workstations, servers, and mobile devices.
• Configure detection rules and automated response actions to identify malware, suspicious behaviors, and advanced persistent threats.
• Conduct proactive threat hunting to identify compromised systems and hidden threats.
• Maintain agent deployment coverage and optimize EDR performance across all critical assets.

Security Information and Event Management (SIEM)
• Administer SIEM platform including log source onboarding, parsing, and correlation rule development.
• Design use cases and correlation rules to detect security incidents and policy violations.
• Monitor and triage security alerts to determine severity, scope, and impact.
• Create dashboards and reports for security metrics, compliance, and executive visibility.
• Integrate threat intelligence feeds to enhance detection capabilities.

Incident Response
• Serve as escalation point for security incidents following established procedures.
• Perform digital forensics and investigation including log analysis, memory analysis, and disk forensics.
• Coordinate incident response across IT, legal, HR, and executive stakeholders.
• Document incidents thoroughly, including timelines, indicators of compromise, and remediation actions.
• Develop and maintain incident response playbooks for common attack scenarios.
• Participate in tabletop exercises and conduct post-incident reviews to improve security posture.

Threat and Vulnerability Management
• Establish and maintain a continuous vulnerability management program.
• Deploy and manage vulnerability scanning tools across network, systems, applications, and cloud infrastructure.
• Analyze vulnerability scan results and prioritize remediation based on risk, exploitability, and business impact.
• Work with system owners and IT teams to develop remediation plans and track vulnerability closure.
• Monitor threat intelligence sources for emerging threats, exploit activity, and vulnerabilities affecting the organization.
• Conduct risk assessments for newly discovered vulnerabilities and provide guidance on compensating controls.
• Generate vulnerability metrics and reports for management and compliance purposes.
• Integrate vulnerability data with SIEM and EDR for enhanced threat correlation.
• Coordinate penetration testing and validate remediation effectiveness.
• Maintain vulnerability management policies, procedures, and SLAs.

Security Operations and Collaboration
• Participate in 24/7/365 security operations center (SOC) rotation (if applicable) or on-call rotation.
• Collaborate with IT operations, development, and business teams on security initiatives.
• Mentor junior security analysts and share knowledge across the security team.
• Stay current with emerging threats, attack techniques, and security technologies.
• Contribute to security awareness training programs by providing real-world incident examples.

Email Security
• Manage email security gateway solutions to detect and block malicious emails, phishing attempts, and spam.
• Investigate and respond to reported phishing emails and business email compromise (BEC) attempts.
• Analyze email-based threats and implement rules to block malicious senders, domains, and attachment types.
• Monitor email security metrics and trends to identify emerging attack patterns.
• Work with the security awareness team to shape awareness campaigns and phishing simulations that improve user vigilance.

Data Loss Prevention (DLP)
• Implement and manage DLP solutions across email, endpoints, network, and cloud applications.
• Create and tune DLP policies to prevent unauthorized data exfiltration while minimizing false positives.
• Monitor DLP alerts and investigate potential data leakage incidents.
• Classify sensitive data and configure appropriate protection controls based on data classification.
• Collaborate with business units to understand data flows and implement appropriate DLP controls.
• Generate DLP metrics and reports for compliance and risk management purposes.

The ideal candidate must:
• Have a bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related technical field; equivalent work experience may be considered in lieu of a degree.
• Have 3+ years of hands-on experience in information security operations, a SOC, or a similar role.
• Have demonstrated experience with EDR platforms and endpoint security management.
• Have experience conducting incident response investigations and forensic analysis.
• Have hands-on experience with vulnerability management and remediation programs.
• Have experience with email security solutions and investigating phishing/BEC attacks.
• Be familiar with DLP technologies and data protection strategies.
• Have a track record of managing security incidents from detection through resolution.
• Possess a strong understanding of attack vectors, TTPs, and MITRE ATT&CK framework.
• Be proficient in log analysis, correlation, and security event interpretation.
• Have experience with EDR platforms (CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, Cortex XDR).
• Have hands-on experience with SIEM solutions (Splunk, QRadar, Azure Sentinel, LogRhythm, Elastic SIEM).
• Be knowledgeable of vulnerability management tools (Tenable, Qualys, Rapid7).
• Have experience with email security gateways (Proofpoint, Mimecast, Barracuda, Microsoft Defender for Office 365).
• Be familiar with DLP platforms (Symantec DLP, Microsoft Purview, Forcepoint, Digital Guardian).
• Understand network protocols, packet analysis, and network security monitoring.
• Have experience with scripting/automation (Python, PowerShell, Bash) for security operations.
• Be knowledgeable of cloud security (AWS, Azure, GCP) and hybrid environments.
• Understand security frameworks (NIST CSF, CIS Controls, ISO 27001, MITRE ATT&CK).
• Be knowledgeable of compliance requirements (PCI DSS, HIPAA, SOX, GDPR) as applicable.
• Possess a strong security-focused mindset with a deep understanding of compliance frameworks.
• Work effectively under pressure and adapt to rapidly changing environments.
• Be highly analytical, detail‑oriented, and self‑driven with strong ownership.
• Possess excellent verbal and written communication skills.
• Possess strong collaboration, interpersonal skills, and consistent follow‑through.