[Hiring] Staff Security Engineer @Red Cup IT

Role Description

We are seeking a Staff Security Engineer who operates at the nexus of high-level strategy and multi-tenant operational excellence. You will navigate the complexities of varied compliance needs and legacy technical debt, transforming them into a unified, scalable security posture. This is a technical leadership role designed for an expert who prefers the keyboard and the whiteboard over a people-management track, focusing on the "big picture" of our global security product stack.

Core Responsibilities

• Strategic Security Architecture & Product Strategy
  • Scalable Multi-tenancy: Architect and maintain hardened, isolated security stacks (SIEM, EDR, XDR) designed to scale across hundreds of distinct client environments.
  • Product Vetting: Serve as the technical lead for vendor evaluations, "battle-testing" emerging tech to define our global standard offerings.
  • Global Standardization: Engineer "Gold Image" baselines and automated deployment templates based on CIS and NIST frameworks to ensure rapid, secure onboarding.
• Tier 4 Escalation & Forensic Mastery
  • Final Authority: Serve as the ultimate technical escalation point for the SOC, leading the response to sophisticated APTs and complex breaches.
  • Post-Mortem Leadership: Conduct deep-dive Root Cause Analysis (RCA) and translate incident findings into systemic, fleet-wide preventative measures.
• Security Engineering & Hyper-Automation
  • Security as Code: Build the automation tissue that connects our stack, utilizing Python, PowerShell, and Terraform to automate threat containment and patch management.
  • Integration Engineering: Develop custom API integrations to bridge gaps between vulnerability scanners, RMM tools, and ticketing systems for seamless auto-remediation.
• High-Stakes Advisory & Governance
  • Strategic vCISO: Act as a high-level advisor for key accounts, translating abstract risk into actionable business roadmaps for C-suite stakeholders.
  • Compliance Orchestration: Oversee technical evidence collection and governance for HIPAA, SOC 2, and CMMC, ensuring our clients remain audit-ready.

Qualifications

• 8–12+ Years in Information Security, with a significant background (3+ years) in multi-client consulting or MSP environments.
• Proven track record of leading cross-functional projects and mentoring senior engineers without direct-report authority.
• The rare ability to pivot from a deep-dive technical audit with an engineer to a risk-based ROI presentation for a CEO.

Requirements

• Expert-level AWS/Azure security; Zero Trust Architecture (ZTA); Advanced IAM/Entra ID.
• Advanced SOAR/SIEM engineering (Sentinel, Splunk, CrowdStrike); MITRE ATT&CK mapping.
• Deep-packet inspection; BGP security; SD-WAN; SASE; Micro-segmentation.
• Proficiency in Python, Terraform, or Ansible for infrastructure-as-code.
• CISSP (Highly Preferred), CISM, CCSP, or specialized GIAC (GCIH/GCFA).