Cybersecurity Engineer

We are seeking a Cybersecurity Engineer with 3-5 years of hands-on experience to join our growing cybersecurity team. In this role, you will be responsible for the day-to-day engineering, administration, and optimization of our security tools and infrastructure. You will work closely with the Cybersecurity Manager and the broader IT team to implement, monitor, and improve the security controls that protect our Microsoft Azure / M365 cloud environment, endpoints, and data. This is a hands-on technical role with meaningful exposure to compliance frameworks, incident response, and vendor management - making it an excellent opportunity for someone who wants to grow their career across the full breadth of cybersecurity in a regulated financial services environment. Primary Responsibilities: Security Engineering & Operations Deploy, configure, tune, and maintain enterprise security tools including EDR, SIEM, email security, DNS filtering, and endpoint management platforms. Monitor security alerts and events across the environment, performing triage, investigation, and escalation of potential incidents. Manage and optimize detection rules, alerting thresholds, and automated response workflows within SIEM and EDR platforms. Support the administration and enforcement of Conditional Access Policies, application control policies (AppLocker), and identity and access management configurations within Microsoft Entra ID (Azure AD). Assist with the deployment and management of mobile device management (MDM/MAM) policies through Microsoft Intune. Conduct vulnerability assessments and coordinate remediation efforts with IT infrastructure and application teams. Develop and maintain PowerShell or Python scripts to automate routine security tasks, reporting, and data collection. Vulnerability Management Manage the end-to-end vulnerability management lifecycle - scanning, prioritization, remediation tracking, and validation across servers, endpoints, and cloud resources. Coordinate and execute OS and third-party application patching across the environment, ensuring timely remediation of critical and high-severity vulnerabilities in alignment with established SLAs and maintenance windows. Triage vulnerability scan results and prioritize remediation based on exploitability, asset criticality, and environmental context - not just raw CVSS scores - while developing compensating controls and risk acceptance documentation for vulnerabilities that cannot be immediately patched. Monitor threat intelligence feeds and vendor advisories (Microsoft Patch Tuesday, CISA KEV catalog, vendor-specific bulletins) and track patching compliance metrics to support both proactive risk reduction and SOC 2 audit evidence requirements. Incident Response Participate in incident detection, investigation, containment, and remediation activities. Perform log analysis and forensic investigation across endpoint, network, identity, and cloud environments. Document incidents thoroughly, including root cause analysis, timeline reconstruction, and lessons learned. Coordinate with the managed SOC provider on alert escalation, tuning requests, and incident handoff procedures. Contribute to the development and testing of incident response playbooks and procedures. Compliance & Governance Support the ongoing maintenance of SOC 2 Type 2 compliance, including evidence collection, control testing, and audit coordination through our compliance automation platform (Drata) Assist with the development, review, and enforcement of cybersecurity policies, standards, and procedures. Contribute to vendor security assessments and due diligence reviews as part of our vendor risk management program. Support Business Continuity Plan (BCP) documentation, tabletop exercises, and testing activities. Help prepare materials and reporting for the Cyber Risk Steering Committee (CRSC) and other governance bodies. Security Awareness & Collaboration Support the development and delivery of security awareness training and phishing simulation campaigns. Serve as a knowledgeable security resource for IT colleagues and the broader organization, translating technical concepts into clear, actionable guidance Collaborate with cross-functional teams including IT infrastructure, compliance, and risk management to integrate security into business processes. Required Credentials: 5 - 7 years of hands-on experience in cybersecurity engineering, security operations, or a closely related technical security role. Strong working knowledge of Microsoft Azure and M365 security capabilities, including Entra ID (Azure AD), Conditional Access, Defender suite, and Purview. Experience deploying, managing, and tuning EDR platforms (e.g., SentinelOne, CrowdStrike, Microsoft Defender for Endpoint). Experience with SIEM platforms - log ingestion, correlation rule development, alert tuning, and dashboard creation (e.g., FortiSIEM, Sentinel, Splunk, or comparable). Demonstrated experience managing enterprise patching programs across Windows endpoints and servers, with familiarity in patch management tooling (e.g., WSUS, Intune, SCCM/MECM, or third-party solutions). Hands-on experience with vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7) including scan configuration, result analysis, and remediation workflow management. Ability to assess and prioritize vulnerabilities using contextual risk factors beyond raw CVSS scores, including asset exposure, exploit availability, and business impact. Solid understanding of identity and access management concepts including MFA, SSO, RBAC, and privileged access management. Familiarity with endpoint management tools such as Microsoft Intune and application control technologies like AppLocker. Experience with vulnerability management tools and processes (e.g., Tenable, Qualys, Rapid7). Working knowledge of common security frameworks and standards (NIST CSF, CIS Controls, MITRE ATT&CK). Competency in scripting for automation and reporting (PowerShell preferred; Python a plus). Strong analytical and problem-solving skills with the ability to investigate complex security events across multiple data sources. Excellent written and verbal communication skills - able to clearly explain technical security topics to both technical and non-technical audiences. Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field - or equivalent practical experience. Preferred Qualifications: Experience working in financial services, wealth management, or another regulated industry. Hands-on experience supporting SOC 2 audits, including evidence collection and control validation. Experience with compliance automation platforms (e.g., Drata, Vanta). Familiarity with vendor risk management processes and third-party security assessments. Experience coordinating with managed security service providers (MSSPs) or managed SOC teams. Exposure to DNS filtering solutions (e.g., DNSFilter, Cisco Umbrella). Familiarity with business continuity and disaster recovery planning. Understanding of SEC, FINRA, or other financial services regulatory requirements as they relate to cybersecurity. One or more industry certifications such as: CompTIA Security+, CySA+, or CASP+ Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) or Security Operations Analyst (SC-200) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400) Microsoft Certified: Identity and Access Administrator Associate (SC-300) GIAC certifications (GSEC, GCIH, GCIA) Certified Information Systems Security Professional (CISSP) - Associate level acceptable Certified in Risk and Information Systems Control (CRISC) Compensation: $115,000 - $130,000 Why Cerity Partners: Our people drive our success by working together to deliver exceptional service to our clients. Below is a glimpse of the key elements of our total rewards package: Health, dental, and vision insurance – day 1! 401(k) savings and investment plan options with 4% match Flexible PTO policy Parental Leave Financial assistance for advanced education and professional designations Opportunity to give back time to local communities Commuter benefits Cerity Partners is committed to providing an environment where all individuals can be their authentic selves. We are an Equal Opportunity Employer who respects each individual and supports the diverse cultures, perspectives, and experiences of our colleagues. We are dedicated to building an inclusive and diverse workforce and will not discriminate based on race, religion, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law. Cerity Partners is committed to working with and providing accommodations to applicants with disabilities or special needs. For those needing accommodations, please reach out to View email address on click.appcast.io. Applicants must be authorized to work for any employer in the U.S. Cerity Partners is one of the nation’s leading independent financial advisory firms. We serve high-net-worth individuals & their families, businesses, & their employees, and nonprofit organizations from our offices across the country. Our in-house experts of tax advisors, financial planners, investment professionals, & retirement plan consultants are passionate about and committed to providing objective financial advice & oversight. At Cerity Partners, we believe in the long view. We work with clients who appreciate our comprehensive and sustained approach to wealth management. We don’t just look for short-term gains, we seek long-term growth. We have the same approach to our people. We look for experienced and credentialed wealth management colleagues who can keep pace with us. We manage over $100 billion assets for our clients and we are routinely recognized as a Barron’s Top 100 RIA firms in the nation. The driving factor of our accelerated growth is our people. Located throughout the U.S., our teams consist of experts who are helpful, knowledgeable, sincere, and have the perseverance and capability to go the extra mile for our clients. We consider our firm a community that works together to serve one common goal: Finding diverse solutions to suit diverse financial needs.