Key Facts

Remote From:

Austria , Canada , California (USA)

Full time

Senior (5-10 years)

English

Hard Skills

Other Skills

•
Communication
•
Teamwork
•
Strategic Thinking
•
Mentorship
•
Problem Solving

Red Cup IT

Computer Hardware & Networking

About Red Cup IT

Red Cup IT is an enterprise-grade IT firm that provides MSP, MSSP, Project Delivery, and Skill Augmentation solutions. We have been in business for twelve years and support clients across the United States. Our hallmark is the delivery of skillsets in more than 100 IT solutions and SaaS applications. Red Cup IT’s technical staff constantly cross-train across their specializations. Our company culture is unusual for firms of our nature. We strongly believe in IT skill transfer and knowledge sharing. Our customers’ business and IT leaders appreciate that we take care of the technical details so that they can focus on their strategic and business missions. Our end users appreciate the white glove support we provide. We focus on vendor relationship development and know how to get the most out of our partnerships on behalf of our clients.

Company type: SME

Industry: Computer Hardware & Networking

Founded: 2018

Company size: 11 - 50

Website LinkedIn See all jobs →

Job description

We are looking for a Staff Security Engineer at a Managed Service Provider (MSP) who is a high-level technical leadership role. Unlike a standard Security Engineer who might focus on a single organization’s perimeter, a Staff Engineer at an MSP must design, oversee, and scale security solutions across hundreds of diverse client environments.

They act as the "architect-in-chief," balancing deep technical execution with high-level strategy and mentorship.

Core Responsibilities

At the Staff level, the focus shifts from "doing the work" to "defining how the work is done" across the entire MSP fleet.

1. Security Architecture & Strategy

Scalable Standard Operating Procedures (SOPs): Design security baselines (NIST, CIS, or ISO 27001) that can be applied to clients ranging from small dental offices to mid-market enterprise firms.
Tooling Selection: Evaluate and select the "MSP Stack"—SIEM/MDR platforms, EDR/XDR solutions, and automated vulnerability scanners—ensuring they support multi-tenancy.
Product Development: Partner with the Product or Sales teams to build new "Security-as-a-Service" offerings (e.g., vCISO services or Managed Phishing Simulation).

2. High-Level Technical Leadership

Tier 4 Escalations: Act as the final point of escalation for complex security breaches or persistent threats that Tier 1–3 analysts cannot resolve.
Automation & Scripting: Write advanced scripts (Python, PowerShell, Bash) to automate threat hunting and remediation across thousands of endpoints simultaneously.
Cloud Security Mastery: Secure multi-cloud environments (Azure, AWS, GCP) for clients, ensuring proper identity management (MFA/Conditional Access) and data encryption.

3. Mentorship & Governance

Team Upskilling: Mentor Junior and Senior Engineers, conducting code reviews and architectural deep-dives.
Compliance & Auditing: Lead clients through regulatory audits (HIPAA, GDPR, PCI DSS) and ensure the MSP itself remains compliant (SOC2).

Required Skills & Qualifications

A Staff Engineer is expected to have 8–12+ years of experience in IT and Security.

Category	Key Requirements
Technical Depth	Mastery of EDR/XDR, SIEM (e.g., Sentinel, Splunk), Firewalls (Fortinet, Palo Alto), and Identity (Azure AD/Entra ID).
Cloud Expertise	Deep knowledge of cloud-native security tools and Zero Trust architecture.
Development	Proficiency in Python or PowerShell for API integrations and security automation.
Soft Skills	Ability to explain "zero-day" risks to non-technical business owners (CEOs/CFOs).
Certifications	CISSP (highly preferred), CISM, CCSP, or advanced provider certs (AZ-500, PCNSE).