Cybersecurity Engineer IT Operation

Novacoast is assisting a leading organization in the retail and grocery industry in identifying a Cybersecurity Engineer to strengthen and maintain security across a hybrid enterprise environment.

This position spans engineering, administration, and daily operations, engaging directly with systems, tools, and integrations that protect the organization's perimeter, network, endpoints, email, and identity platforms.

The ideal candidate is technically strong, operationally driven, and collaborative; someone who understands how enterprise defenses fit together and enjoys both building and operating security systems in real time.

Key Responsibilities

• Engineer, administer, and maintain cybersecurity tools and integrations (SIEM, EDR, email, identity, vulnerability management, and network security platforms).
• Strengthen external perimeter defenses, internal network segmentation, and endpoint protection controls.
• Collaborate with Infrastructure and Cloud teams to embed security controls within system configurations, cloud workloads, and automation pipelines.
• Conduct incident response and threat investigations; triage security events and coordinate remediation.
• Manage user and system access administration across on-prem and cloud identity systems (Active Directory, Azure AD, SaaS).
• Support automation of monitoring, alerting, and response workflows using scripting languages such as Python or PowerShell.
• Tune SIEM/SOAR integrations to enhance detection fidelity and response efficiency.
• Partner with Managed Security Service Providers (MSSPs) on escalations and remediation activities.
• Participate in vulnerability management, patching, and risk mitigation processes to ensure optimal security.
• Maintain clear documentation of configurations, procedures, and operational changes to ensure accurate and consistent record-keeping.

Core Competencies

• Technical Depth: Broad understanding of network, endpoint, identity, and perimeter security technologies.
• Operational Focus: Balances day-to-day incident response with proactive systems administration and maintenance.
• Collaboration: Works effectively with IT, Infrastructure, and Cloud teams to operationalize security controls.
• Automation Mindset: Builds and refines workflows that improve speed and consistency.
• Ownership & Initiative: Drives issues to resolution and continuously seeks improvement.
• Communication: Translates technical information into clear, actionable guidance.

Qualifications

• 5 8 years of hands-on experience in cybersecurity engineering, administration, or operations roles.
• Strong experience with endpoint, network, and perimeter security tools.
• Working knowledge of email and identity protection platforms (e.g., Microsoft 365 Defender, Proofpoint, Okta, Azure AD).
• Familiarity with SIEM/SOAR platforms and incident response workflows.
• Demonstrated collaboration with Infrastructure, Cloud, and DevOps teams.
• Proficiency in Python, PowerShell, or Bash for automation and scripting.
• Experience in vulnerability management and patch lifecycle coordination.
• Bachelor's degree in Computer Science, Cybersecurity, or related discipline preferred.
• Relevant certifications (CISSP, GCWN, GCIH, CCSP, or Microsoft Security) are a plus.

Why This Role

This opportunity is ideal for an engineer who wants to be deeply involved in hands-on security operations while driving continuous improvement across systems and processes. You'll play a pivotal role in maintaining the integrity and resilience of IT environments that support a national retail organization trusted by millions of customers.