Security Engineer
CBIZ - Cleveland, OH
Job Description

Responsibilities

The Security Operations Engineer is a hands-on, technical role responsible for building, operating, and improving CBIZ's security controls while actively responding to security events across our hybrid and cloud environments. This is not a passive monitoring or ticket-routing position - this role owns problems end-to-end, drives investigations and fixes, and helps engineer a modern, resilient security stack.

Essential Functions and Primary Duties:

Security Operations & Incident Response
- Actively investigate and respond to security alerts across SIEM, XDR, NDR, identity, email, endpoint, and cloud security tools.
- Lead incident handling from triage through containment, eradication, recovery, and lessons learned.
- Perform root-cause analysis, validate remediation, and document findings and actions.
- Participate in an on-call rotation and after-hours response as needed.

Security Engineering & Cloud Security
- Configure, harden, and maintain security controls in:
  - Microsoft Azure and Azure Virtual Desktop (AVD)
  - Amazon Web Services (AWS)
  - Microsoft 365 security and compliance platforms
- Engineer and operationalize controls for identity protection, email/phishing defenses, DLP, conditional access, and tenant security baselines.
- Secure and monitor cloud workloads, identities, and data across hybrid and multi-cloud environments.
- Support and troubleshoot certificate-based authentication and encryption using PKI.
- Tune and refine detections for cloud, identity, and email-borne threats.

Security Tooling, Automation & AI
- Administer and tune core security platforms, including:
  - SIEM and log pipelines
  - Endpoint/XDR
  - Network security (URL/content filtering, zero-trust access)
  - CASB and file-based DLP
  - Identity and access management
  - Email security and DLP
- Use scripting and automation (PowerShell, Python, Bash, SOAR workflows) to streamline investigations, orchestrate response actions, and reduce manual toil.
- Help evaluate and responsibly use AI-enabled security features to improve detection quality and analyst efficiency.

Execution, Documentation & Process Improvement
- Take clear ownership of assigned tickets, projects, and initiatives through completion.
- Balance reactive incident work with proactive engineering, cleanup, and hardening activities.
- Create and maintain operational documentation: runbooks, playbooks, SOPs, and KB articles that reflect how work is done.
- Identify gaps, propose improvements, and help mature SecOps processes and coverage.

Collaboration & Communication
- Partner closely with GRC, IT, Cloud, Networking, Systems, Endpoint, and Business teams to drive secure outcomes.
- Communicate clearly and professionally during incidents and change work, including status, risk, and next steps.
- Provide technical guidance and mentorship to analysts and peers where appropriate and escalate issues effectively.

Preferred Qualifications:
- 8+ years of experience in Information Security, Security Operations, or Security Engineering.
- Proven, hands-on experience with security investigations, incident response, and security control engineering.
- Experience securing cloud environments (Azure and/or AWS) and operationalizing Microsoft 365 security capabilities (email protection, DLP, etc.).
- Experience supporting or securing Azure Virtual Desktop (AVD).
- Working knowledge of PKI and certificate-based authentication/encryption.
- Experience with Linux (CLI, logs, services) and strong PowerShell skills for administration and SecOps.
- Solid understanding of core security concepts: networking, identity and access, endpoint and malware fundamentals, and common attack techniques.
- Demonstrated ability to work independently, exercise sound judgment, and drive work to completion.
- Strong scripting/automation skills (PowerShell, Python, Bash) and experience with SOAR or automated response.
- Exposure to AI-driven security tools or analytics.
- Security certifications such as Security+, ISC2 CC/CISSP, or other relevant credentials.
- Prior experience in a SOC or large enterprise security environment, and/or experience supporting mergers, integrations, or large-scale security transformations.

Qualifications

Minimum Qualifications
- College Degree or equivalent
- 6 years related experience
- Expert technical knowledge
- Knowledge of industry regulations
- Ability to lead and coordinate the team activities of others
- Ability to formulate, document and recommend new policies and procedures
- Able to work in and lead a team
- Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
- Ability to travel as required by business and on-call availability

About Us

CBIZ Inc. is a leading professional services advisor to middle market businesses and organizations nationwide. With unmatched industry knowledge and expertise in accounting, tax, advisory, benefits, insurance, and technology, CBIZ delivers forward-thinking insights and actionable solutions to help clients anticipate what's next and discover new ways to accelerate growth. CBIZ has more than 10,000 team members across more than 160 locations in 22 major markets coast to coast. CBIZ strives to be our team members' employer of choice by creating an environment where team members are appreciated, recognized for their contributions, and provided with opportunities to grow, both personally and professionally, throughout their careers.

Together, CBIZ and CBIZ CPAs are ranked as one of the top providers of accounting services in the United States. CBIZ CPAs is an independent CPA firm that provides audit, review and attest services, while CBIZ provides business consulting, tax and financial services. In certain jurisdictions, CBIZ CPAs operates under its previous name, Mayer Hoffman McCann P.C.
Created: 2026-03-10