Senior Security Engineer at Legato Security
Legato Security · Salt Lake City, United States of America · Onsite
- Senior
- Office in Salt Lake City
Senior Security Engineer

Who We Are
Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats.

Position Overview
Legato Security is seeking a Security Engineer to join our MSSP engineering team with a primary focus on Microsoft 365 security engineering. You will lead and support security configuration and management across Entra ID (Azure AD), Intune, Conditional Access, and the Microsoft Defender suite, while also operating and optimizing SIEM, EDR, and Email Security platforms for our customers. You will mentor junior team members, collaborate directly with clients, and drive continuous improvement in reliability, visibility, and detection outcomes.

Specific Job Responsibilities

Qualifications
Required Qualifications:
- Bachelor’s degree (or equivalent experience) in cybersecurity, information technology, computer science, or a related field.
- Hands-on administration of Microsoft 365 security: Entra ID (Azure AD), Intune, Conditional Access, and Microsoft Defender products (Endpoint, Identity, Office 365).
- Proven experience administering SIEM, EDR, and email security solutions in an MSSP or enterprise environment.
- Ability to create complex queries, detections, dashboards, and reports in SIEM/EDR solutions.
- Strong troubleshooting skills for agent issues and policy configurations at both global and local levels.
- Proficiency across Windows, Unix/Linux, and macOS operating environments.
- Scripting familiarity with PowerShell, Python or Bash.
- Strong knowledge of firewalls/UTMs, IDS/IPS, VPNs; excellent log analysis capabilities.
Preferred Qualifications:
- Microsoft security certifications (e.g., SC-300, SC-200, AZ-500, MD-102) or equivalent.
- Experience administering Splunk Enterprise and Splunk Cloud (content management, data onboarding, search head/indexer administration, basic performance tuning).
- Experience with Cribl (e.g., Cribl Stream) or similar observability pipelines.
- Vendor-specific certifications such as Sumo Logic Cloud SIEM Administrator, CrowdStrike CCFA/CCFR/CCFH, Google Associate Cloud Engineer, Microsoft Azure Security Engineer Associate, AWS Cloud Practitioner.
- Strong written and verbal communication skills with direct client-facing experience.
Perks
- Start-up company in a growth phase with opportunity for advancement based on performance
- Start-up culture with an office in downtown Salt Lake City, UT
- Competitive medical and dental benefits for employee and family members
- Other company-provided benefits such as short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available, and 401K match
- Flexible Paid Time Off policy
- Professional Development opportunities specific to role