Senior Security Engineer bei Legato Security

Senior Security Engineer 

Who We Are 

Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats. 

Position Overview 

Legato Security is seeking a Security Engineer to join our MSSP engineering team with a primary focus on Microsoft 365 security engineering. You will lead and support security configuration and management across Entra ID (Azure AD), Intune, Conditional Access, and the Microsoft Defender suite, while also operating and optimizing SIEM, EDR, and Email Security platforms for our customers. You will mentor junior team members, collaborate directly with clients, and drive continuous improvement in reliability, visibility, and detection outcomes.

Specific Job Responsibilities 

• Design, implement, and maintain secure configurations across Entra ID (Identity Protection, MFA, Conditional Access, PIM), Intune (device compliance, configuration profiles, app protection, endpoint security baselines), and Microsoft 365 Defender (Defender for Endpoint/Identity/Office 365; DLP) to reduce risk and improve posture.
• Perform tenant health reviews, roadmap recommendations, and architecture guidance aligned to best practices.
• Independently resolve complex platform issues; escalate critical problems with comprehensive analysis.
• Develop and refine queries, dashboards, and reports across various SIEM and EDR solutions to improve visibility and meet customer requests.
• Manage log source onboarding and tuning, parser normalization, licensing and ingestion health to maintain accuracy and performance.
• Administer updates, patches, and configurations on managed security systems.
• Manage and optimize RBAC with least privilege and auditing; maintain separation of duties.
• Perform monthly health checks to validate uptime, data quality, and control effectiveness; proactively remediate issues.
• Provide actionable recommendations on security configurations; act as a trusted advisor to clients.
• Work client requests end-to-end in the ticketing system, populating required fields, documenting findings, linking related tickets, and closing issues promptly.
• Ensure all activities comply with organizational policies and regulatory requirements (e.g., CMMC, GDPR, HIPAA, PCI-DSS).
• Contribute to cross-functional projects; stay current with emerging threats, technologies, and compliance standards; implement security best practices.
• Insert responsibilities 

 Qualifications 

Perks 

·       Start-up company in a growth phase with opportunity for advancement based on performance 

·       Start-up culture with an office in downtown Salt Lake City, UT 

·       Competitive medical and dental benefits for employee and family members 

·       Other company-provided benefits such as short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available, and 401K match 

·       Flexible Paid Time Off policy 

·       Professional Development opportunities specific to role