Security Engineer

Established in 2014 and based in Charleston, South Carolina, Soteria's expertise in the cybersecurity domain is predicated upon the accumulated practical experience across all team members. Soteria's security professionals have held leading positions in private industries, state governments, and federal intelligence communities.

Driven by this combined pool of knowledge as well as the belief that "Security is for Everyone," Soteria offers advisory services and solutions which are significantly differentiated from the security status quo. Soteria treats each client as a unique case deserving of individualized security insights and specialized hands-on assistance.

As a part of our advisory team, you will have an immediate impact on a growing team, helping clients who seek your expertise. You will build relationships with clients, helping balance their business and security objectives. You will understand each client organization's security needs and develop plans to enable future success. You will also keep them informed of emerging trends in security and serve as a sounding board and trusted advisor for security questions and concerns to help build aspects of their security program. You are comfortable stretching yourself and find the rapid evolution of technologies a fun and rewarding challenge to keep pace.

What you'll do

• Communicate with prospective and existing clients to understand their security needs and develop engagement plans to satisfy their requirements.
• Understanding of the business requirements and other motivating factors for clients.
• Lead and perform cloud and infrastructure technical security assessments (Microsoft 365, Microsoft Azure, Google Workspace, AWS, Active Directory, etc.) to help organizations understand where gaps exist within their information technology environment and technical security controls, and make recommendations tailored to the client's environment. Translate organizational security documentation into operational practices.
• Perform hands-on keyboard remediation activities in response to security-focused assessments.
• • These may include but are not limited to Microsoft enterprise tools, server and networking infrastructure components and identity providers.
• Develop detailed reports with actionable recommendations to address security gaps and ensure remediation efforts align with organization needs and service level objectives.
• Understand and apply security framework controls aligning to industry frameworks such as NIST, CIS, ISO, or MITRE ATT&CK.
• Design, evaluate, and implement secure network architectures.
• Provide assessments of emerging technology to facilitate solutions and recommendations for future architectural requirements that are cost effective and reduce risk while enhancing security.
• Work closely with clients and the Soteria team to develop plans of action for clients to ensure they achieve their desired outcomes.
• Document and present findings and recommendations to clients, including C-Suite and board-level executives, in a professional manner.
• Maintain relationships with clients post-assessment in order to assist and advise as they continue to build and improve their security.
• Maintain competence in security trends, technologies, and practices through self-study and attendance of industry events.
• Create, collaborate, and/or assist in maintaining internal tooling to enhance or assist in performing duties, as appropriate.
• Familiarity with scripting languages such as PowerShell, Python, or Golang.
• Train and mentor other employees in order to build the company's overall capacity and capability.
• Work with Soteria leadership to develop, achieve, and enhance the revenue goals.
• Perform business development tasks from the initial call with a referral or repeat client, through the proposal stage, and finally, to contract execution.
• Effectively manage projects, ensuring professional and proactive client communication.

Qualifications

Technology Experience Requirements:

• 5+ years of industry experience with Microsoft 365 productivity and enterprise tools
• Microsoft Defender for Endpoint or similar security tools
• Entra ID, Active Directory, Conditional Access Policies, and Group Policy
• Identity Providers, Single-Sign On and Multifactor Authentication technologies
• Next-generation Firewall technologies and configurations
• Network architecture
• Zero-Trust Network Access technologies and architectures are considered a plus
• Securing workloads and data within Cloud environments (i.e. Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP))

Education and Experience Requirements:

• 5+ years of industry experience with a deep understanding of the cybersecurity and Information Technology space
• Prior experience in a cybersecurity consulting role or similar Information Technology, VAR, MSP or IT reseller consulting role
• Prior experience in a cybersecurity consulting role or similar Information Technology, VAR, MSP or IT reseller consulting role.
• Knowledge and understanding of common regulatory and compliance requirements such as HIPAA, PCI-DSS, CMMC, GDPR, etc.
• Knowledge and understanding of control frameworks such as CIS, STIG, and NIST.
• Relevant certifications such as CISSP, CCNA or higher, MCSE, VCP, RHCSA or higher, AWS SysOps Admin, Solutions Architect, Advanced Networking or Security, MCAA (Azure Administrator), MCASA, or MCASEA.
• Position is fully remote - no mandatory travel, elective travel to industry conferences and training events.

The pay range for this role is:

120,000 - 150,000 USD per year (Remote)