Cloud & Endpoint Security Engineer

Datasite is where deals are made. We provide the data rooms and SaaS technology used in M&A and other high-value transactions, to deliver projects in more than 170 countries. Carrying that success into the future is all about you. Your useful skills, your unusual experience, your unique ideas. Everyone here brings something unexpected. What’s yours? Invest your talents in us, and we’ll return the compliment.

Job Description:

The Cloud and Endpoint Security Engineer plays a crucial role in the organization by serving as a subject matter expert (SME) combining technical expertise with a strong understanding of business needs to create impactful solutions that drive a risk-centric strategy properly securing all digital and physical assets within the organization. This engineer provides technical proficiency in efficiently completing projects and tasks as a member of a technology support and services team. This role is a self-starter and collaborates within IT, with peer groups, and with vendors to provide world-class security solutions. This role will participate in on-call providing 24/7 coverage.

Required for this role is a high energy, experienced, and self-motivated modern-technology-focused engineer who is responsible for secure operations of computing platforms in Azure, AWS, and Google Cloud as well as the securing of Mac, iOS, and Windows endpoints. Classifying digital assets according to departmental access policies is an on-going duty for this role. This role is key in the design and management securing devices and device integration to core systems, including virtualized desktops as well as securing systems supporting the needs of the enterprise. The successful engineer is an advanced technical subject matter expert who can apply knowledge and research to deliver innovative solutions to the business, including automation at every opportunity. Strong documentation skills are required as this role works closely with other teams within IT as well as Information Security and Compliance teams.

The ideal Security Engineer is organized, analytical, capable of solving business problems through technology, and has a strong drive and passion for developing a culture of security-first through knowledge sharing, mentoring, and excellent communication. They also continuously develop knowledge of evolving best practices through peer benchmarking, industry events/associations, and educational opportunities.

The right engineer is a passionate, results-oriented technologist who enjoys learning new technologies and getting elbows deep with something new; someone who has spent years honing knowledge and skills in endpoint and cloud-centric technologies.  The engineer is a natural and inspired learner who is always seeking to solve problems, learn new possibilities, and exploit opportunities that move the business forward securely. The individual is someone that people notice and commend on their Customer Service skills.

Duties and Responsibilities:

• Cloud Security:
  • Designing and implementing secure cloud infrastructure, applications, and networking.
  • Configuring and managing security controls within cloud platforms, including file access security and management identifiers.
  • Monitoring security posture and responding to security incidents.
  • Working closely with Security and Compliance teams in conducting vulnerability assessments and risk analyses.
  • Patch management to keep cloud resources up to date with security fixes.
     
• Endpoint Security:
  • Ensuring endpoint devices (laptops, desktops, servers, and mobile devices) are secure.
  • Implementing and managing endpoint protection tools.
  • Patch management to keep endpoints up to date with security fixes.
  • Investigating and remediating security incidents related to endpoints.
  • Follow security-recommended and best-practice hardening disciplines.
     
• Collaboration and Documentation:
  • Collaborating with cross-functional teams to design and implement cloud and endpoint security solutions.
  • Developing and coordinating cloud security procedures and disaster recovery plans.
  • Maintaining documentation and diagrams for security tools, system environments, and cloud operations.
     
• Expertise and Compliance:
  • Acting as a subject matter expert (SME) for security tools and processes.
  • Ensuring compliance with relevant standards.
  • Mitigating risks and meeting business objectives through appropriate security controls.
     
• Digital Asset Classification:
  • Develop and manage a comprehensive classification framework for digital assets, ensuring accurate labeling based on data sensitivity, compliance requirements, and organizational policies.
  • Leverage Microsoft Purview’s automated classification capabilities to efficiently label and categorize digital assets, enhancing data governance and facilitating compliance with regulatory standards.
     

Qualifications:

• Security Architecture: Defines and documents security best-practices for implementation by IT to ensure compliance with security policies and procedures provided by the Information Security, Legal, and Compliance departments as well as security best-practices not regulated by other departments.
• Cloud Platform Knowledge: Proficiency in cloud platforms like AWS, Azure, or Google Cloud. Understanding of services, configurations, and security features.
• Endpoint Knowledge: Adept in endpoint security tools for Windows, Mac OS, and iOS.
• Security Fundamentals: Strong grasp of security principles, including encryption, access controls, authentication, and authorization.
• Network Security: Knowledge of network protocols, firewalls, VPNs, and intrusion detection/prevention systems.
• Identity and Access Management (IAM): Ability to manage user access, roles, and permissions within cloud environments.
• Security Compliance: Familiarity with compliance frameworks and their application for endpoints and in cloud environments.
• Security Automation: Experience with scripting for automating security tasks.
• Threat Intelligence: Staying updated on security threats, vulnerabilities, and attack vectors.
• Incident Response: Understands incident handling, forensics, and recovery processes.
• Secure DevOps: Collaborate with architects, engineers, and operations teams to integrate security into the DevOps pipeline.
• Risk Assessment: Assess and mitigate risks related to cloud deployments.

Education

• Bachelor's degree in IT or related field or equivalent experience is required
• Security-related certifications

Experience

• 10+ years information technology security experience in an enterprise environment
• 7+ years security-centric architecture and leadership experience
• Experience with data classification and governance, with a strong understanding of data lifecycle management.
• Excellent communications skills, relationship skills, and customer service attitude working with highly-technical and non-technical personnel across all levels of the organization
• Exceptional organization and analysis skills, sophisticated problem-solving ability, and functions well within a team, willing to train and cross-train staff
• Works in partnership with teams across the organization on multiple efforts simultaneously and delivers continuous results and improvements
• Takes personal ownership for outcomes and performs well with light direction, input, and feedback
• Agile/Scrum/Kanban process and environments
• Adept in at least one programing language
• 5+ years documentation
• Knowledge and understanding of diverse platforms and operating systems, including current and emerging technologies
   

Key technologies include:

• Defender XDR
• Defender for Cloud
• Defender for Endpoint
• Defender for Office 365
• Defender for Identity
• Defender for Cloud Apps
• Defender Vulnerability Management
• Sentinel
• Qualys
• Manage Engine products
• Copilot for Security
• Microsoft Purview
• Ansible
• Terraform
• GIT
• MDM - Intune, JAMF
• DFS / NetApp / enterprise storage
• Active Directory / LDAPS
• Azure AD / Entra ID
• Group Policy
• Cloudflare
• Azure Virtual Desktop
• Azure Networking
• M365
• JIRA / Confluence
   

Additional Information

• Core hours are Monday – Friday 9:00am - 3:00pm Central Time
• Open to remote work
• Occasional travel to Minneapolis, MN headquarters office

The base salary range represents the estimated low and high end for this position at the time of this posting. Consistent with applicable law, each candidate’s compensation offer may vary and will be determined based on but not limited to, your geographic region, skills, qualifications, and experience along with the requirements of the position.  Datasite reserves the right to modify this pay range at any time.

Salary Range - $86,850 - $150,400

As a global organization, Datasite knows that diverse perspectives are essential to our success. We’re committed to maintaining a diverse workforce to serve our customers around the world. Datasite is an equal opportunity employer (EEO) and furthers the principles of EEO through Affirmative Action.