Senior Info Security Engineer

Based in St. Louis, Core & Main is a leader in advancing reliable infrastructure with local service, nationwide. As a specialty distributor with a focus on water, wastewater, storm drainage and fire protection products and related services, Core & Main provides solutions to municipalities, private water companies and professional contractors across municipal, non-residential and residential end markets, nationwide. With over 370 locations across the U.S., the company provides its customers local expertise backed by a national supply chain. Core & Main's 5,700 associates are committed to helping their communities thrive with safe and reliable infrastructure. Visit coreandmain.com to learn more.

Position Summary

We are seeking a Senior Information Security Engineer to strengthen enterprise security controls and improve operational effectiveness across security monitoring, cloud identity and access management, privileged access management, and support of SOC/MDR and threat intelligence functions.

This is a hands-on senior engineering role responsible for designing, implementing, operating, and improving security capabilities in a complex enterprise environment. The role partners closely with security leadership and architecture to translate strategy into measurable engineering outcomes and serves as a senior technical resource for complex security engineering issues across core control domains.

Key Responsibilities

Security Monitoring & SIEM Engineering

• Own and enhance enterprise security monitoring capabilities across SIEM and related telemetry platforms.
• Design, implement, and improve detections, dashboards, alerting, and monitoring content to increase signal quality and operational value.
• Engineer reliable telemetry collection, normalization, and monitoring workflows to support data quality, operational resilience, and long-term maintainability.
• Partner with SOC and MDR stakeholders to improve monitoring coverage, detection effectiveness, and response outcomes.
• Mature detection engineering practices, use cases, and workflows to strengthen monitoring quality over time.

Cloud Identity & Access Management

• Design, implement, and support cloud IAM controls focused on least privilege, access governance, and identity-based security.
• Build and maintain controls in platforms such as Microsoft Entra, including Conditional Access and privileged access controls.
• Strengthen identity posture across users, administrators, service principals, and other non-human identities.
• Evaluate and improve access models to reduce risk while supporting business operations.

SOC / MDR & Threat Intelligence Support

• Improve SOC and MDR effectiveness through enhancements to detection content, enrichment, workflows, and technical integrations.
• Collaborate with incident response, MDR, and threat intelligence stakeholders to strengthen threat-informed monitoring and investigative value.
• Provide engineering support during security incident escalations, including troubleshooting, coordination, and improvement of detection and response workflows.
• Drive post-incident improvements that increase visibility, prioritization, and operational effectiveness.

Privileged Access Management

• Build, operate, and mature privileged access capabilities that protect privileged credentials, administrative access, and high-risk workflows.
• Standardize and improve privileged account onboarding, credential governance, vaulting, rotation, and access workflows.
• Strengthen the reliability, auditability, and operational effectiveness of PAM services through clear runbooks and repeatable processes.
• Partner with security and infrastructure teams to ensure PAM capabilities are scalable and aligned to enterprise standards.

Cross-Functional Security Engineering

• Partner with security leadership and architecture to implement strategic security priorities through well-engineered, measurable controls.
• Serve as a senior technical resource and escalation point for complex security engineering issues across core control domains.
• Contribute to security design reviews, technical standards, and implementation guidance for identity, monitoring, and privileged access domains.
• Create and maintain technical documentation, runbooks, and guidance that improve repeatability and supportability.
• Support control validation and technical evidence requests related to implemented security controls, as needed.

Required Qualifications

• 7+ years of experience in information security engineering, security platform engineering, identity security, security operations engineering, or a related field.
• Strong hands-on experience with SIEM/security monitoring platforms, including detection content, alerting, dashboards, tuning, and telemetry onboarding.
• Working knowledge of cloud IAM, including Microsoft Entra / Azure AD, Conditional Access, privileged roles, access governance, and identity security concepts.
• Experience with Privileged Access Management (PAM) and/or enterprise secret management platforms.
• Familiarity with supporting SOC, MDR, or threat detection and response functions in an enterprise environment.
• Strong understanding of identity, authentication, authorization, least privilege, and privileged access control principles.
• Strong written and verbal communication skills, including the ability to document designs, standards, and implementation guidance.

Preferred Qualifications

• Experience with Microsoft security technologies and cloud security controls in Azure / Entra environments.
• Experience with modern SIEM, telemetry, or detection engineering practices in large or hybrid enterprise environments.
• Familiarity with MDR operating models, threat intelligence integration, or detection engineering frameworks.
• Experience automating security workflows where appropriate using scripting or infrastructure/platform tooling.
• Security certifications such as CISSP, GIAC, SC-100, AZ-500, or comparable credentials.

What Success Looks Like

• Operates independently on complex technical work, exercising sound judgment in ambiguous or time-sensitive situations.
• Improves the effectiveness and reliability of enterprise security monitoring and detection capabilities.
• Strengthens cloud identity and privileged access controls through thoughtful engineering and operational rigor.
• Increases the quality and usability of security signals that support SOC/MDR teams.
• Delivers measurable security improvements aligned with strategic priorities.

Core & Main is an Equal Employment Opportunity employer. Employment at Core & Main is based solely on a person's merit and qualifications directly related to professional competence. Core & Main does not discriminate against any employee or applicant on the basis of race, creed, color, religion, national origin, nationality, ancestry, age, disability, veteran status, pregnancy or related condition (including breastfeeding), affectional or sexual orientation, gender identity or expression, marital status, status with regard to public assistance, citizenship, or any other basis protected by law.

None of the questions in this application are intended to elicit information regarding any protected characteristics, nor imply any limitation, illegal preferences or discrimination based upon non-job-related information or protected characteristics.

For more information, please click here or visit

Required

Preferred

Job Industries

• Other