Key Facts

Remote From:

Austria , California (USA)

Category: Security Engineer

Full time

Senior (5-10 years)

English

Hard Skills

Cloud Security Architecture Azure Security Secure Coding Root Cause Analysis Technical Audit Security Engineering Application Programming Interface (API) Supplier Management Crowdsourcing Splunk +20 more

Other Skills

•
Problem Solving

Roles & Responsibilities

8–12+ years in information security, with 3+ years in multi-client consulting or MSP environments
Expert-level AWS/Azure security; Zero Trust Architecture (ZTA); Advanced IAM/Entra ID
Proficiency in security automation and IaC using Python, Terraform, or Ansible; strong SOAR/SIEM engineering experience with MITRE ATT&CK mapping
Certifications: CISSP (Highly Preferred), CISM, CCSP, or GIAC (GCIH/GCFA)

Requirements:

Strategic Security Architecture: design and maintain hardened, isolated security stacks (SIEM, EDR, XDR) with scalable multi-tenancy; lead product vetting and develop 'Gold Image' baselines and automated deployment templates aligned to CIS and NIST for rapid onboarding
Tier 4 Escalation Forensic Mastery: act as the final technical escalation point for the SOC, leading responses to sophisticated APTs and complex breaches; perform root-cause analysis and translate findings into fleet-wide preventative measures
Security Engineering Hyper-Automation: build Security as Code using Python, PowerShell, and Terraform to automate threat containment and patch management; create custom API integrations to bridge vulnerability scanners, RMM tools, and ticketing systems for auto-remediation
High-Stakes Advisory Governance: function as a strategic vCISO for key accounts, translating risk into actionable business roadmaps for executives; oversee compliance evidence collection and governance for HIPAA, SOC 2, and CMMC to keep clients audit-ready

Red Cup IT

Computer Hardware & Networking

About Red Cup IT

Red Cup IT is an enterprise-grade IT firm that provides MSP, MSSP, Project Delivery, and Skill Augmentation solutions. We have been in business for twelve years and support clients across the United States. Our hallmark is the delivery of skillsets in more than 100 IT solutions and SaaS applications. Red Cup IT’s technical staff constantly cross-train across their specializations. Our company culture is unusual for firms of our nature. We strongly believe in IT skill transfer and knowledge sharing. Our customers’ business and IT leaders appreciate that we take care of the technical details so that they can focus on their strategic and business missions. Our end users appreciate the white glove support we provide. We focus on vendor relationship development and know how to get the most out of our partnerships on behalf of our clients.

Company type: SME

Industry: Computer Hardware & Networking

Founded: 2018

Company size: 11 - 50

Website LinkedIn See all jobs →

Job description

We are seeking a Staff Security Engineer who operates at the nexus of high-level strategy and multi-tenant operational excellence. While a traditional internal role secures a single enterprise perimeter, you are responsible for the integrated defense fabric of a vast portfolio of diverse client environments.

You will navigate the complexities of varied compliance needs and legacy technical debt, transforming them into a unified, scalable security posture. This is a technical leadership role designed for an expert who prefers the keyboard and the whiteboard over a people-management track, focusing on the "big picture" of our global security product stack.

Core Responsibilities

1. Strategic Security Architecture & Product Strategy

Scalable Multi-tenancy: Architect and maintain hardened, isolated security stacks (SIEM, EDR, XDR) designed to scale across hundreds of distinct client environments.
Product Vetting: Serve as the technical lead for vendor evaluations, "battle-testing" emerging tech to define our global standard offerings.
Global Standardization: Engineer "Gold Image" baselines and automated deployment templates based on CIS and NIST frameworks to ensure rapid, secure onboarding.

2. Tier 4 Escalation & Forensic Mastery

Final Authority: Serve as the ultimate technical escalation point for the SOC, leading the response to sophisticated APTs and complex breaches.
Post-Mortem Leadership: Conduct deep-dive Root Cause Analysis (RCA) and translate incident findings into systemic, fleet-wide preventative measures.

3. Security Engineering & Hyper-Automation

Security as Code: Build the automation tissue that connects our stack, utilizing Python, PowerShell, and Terraform to automate threat containment and patch management.
Integration Engineering: Develop custom API integrations to bridge gaps between vulnerability scanners, RMM tools, and ticketing systems for seamless auto-remediation.

4. High-Stakes Advisory & Governance

Strategic vCISO: Act as a high-level advisor for key accounts, translating abstract risk into actionable business roadmaps for C-suite stakeholders.
Compliance Orchestration: Oversee technical evidence collection and governance for HIPAA, SOC 2, and CMMC, ensuring our clients remain audit-ready.

Technical Profile

Category	Competencies
Cloud & Identity	Expert-level AWS/Azure security; Zero Trust Architecture (ZTA); Advanced IAM/Entra ID.
SecOps & Intelligence	Advanced SOAR/SIEM engineering (Sentinel, Splunk, CrowdStrike); MITRE ATT&CK mapping.
Network Defense	Deep-packet inspection; BGP security; SD-WAN; SASE; Micro-segmentation.
Automation / IaC	Proficiency in Python, Terraform, or Ansible for infrastructure-as-code.
Certifications	CISSP (Highly Preferred), CISM, CCSP, or specialized GIAC (GCIH/GCFA).

Experience & Qualifications

8–12+ Years in Information Security, with a significant background (3+ years) in multi-client consulting or MSP environments.
Force Multiplier: Proven track record of leading cross-functional projects and mentoring senior engineers without direct-report authority.
Bilingual Communication: The rare ability to pivot from a deep-dive technical audit with an engineer to a risk-based ROI presentation for a CEO.