Sr. Security Engineer with Zero Trust Experience | Columbus, OH

Title: Sr. Security Engineer

Location: Columbus, OH

Duration: 6+ Months

Job Description

Security Architecture & Strategy

• Design and implement scalable security architectures across cloud, on-prem, and hybrid environments.
• Lead strategic initiatives such as Zero Trust adoption, Secure Access Service Edge (SASE), and cloud-native security transformation.
• Develop security reference architectures and blueprints aligned with business and regulatory requirements.
• Tactical Response Rapid activation to resolve global incidents, codify playbooks, and translate lessons learned into enduring standards.
• Network Consulting Conduct assessments, provide reference architectures, and guide decision-making with executive-ready recommendations.
• Solution & Planning Define and execute well-structured solution packages (HLD, LLD, BoM, QA, automation models) aligned with the One Management model. Emphasize Infra-as-Code, observability, and governance at every stage.
• Gap Analysis Map as-is to to-be states across people, process, technology, and compliance, prioritizing remediation into quick wins and strategic programs.
• Zero Trust enforcement, detection engineering, SOAR automation, and proactive leadership during global zero-day and control plane events.

Threat Modeling & Risk Management

• Conduct threat modeling and security assessments for new technologies, applications, and infrastructure.
• Identify and mitigate risks across enterprise systems, APIs, containers, and third-party integrations.
• Collaborate with risk and compliance teams to ensure alignment with frameworks like NIST, ISO 27001, and CIS Controls.

Cloud & DevSecOps Enablement

• Implement cloud security controls and automation across AWS, Azure, and Google Cloud Platform (IAM, encryption, logging, workload protection).
• Integrate security into CI/CD pipelines using tools like Snyk, Checkov, Prisma Cloud, or Aqua Security.
• Define and enforce secure coding practices and infrastructure-as-code policies.

Security Automation & Engineering

• Develop and maintain security automation scripts and playbooks using Python, PowerShell, or Bash.
• Build integrations between security tools and SIEM/SOAR platforms (e.g., Splunk, Sentinel, Cortex XSOAR).
• Automate vulnerability scanning, patch validation, and compliance reporting.

Detection & Response Engineering

• Enhance detection capabilities through custom rule creation, log enrichment, and bevioral analytics.
• Collaborate with SOC and IR teams to improve incident response workflows and forensic readiness.
• Lead purple team exercises and adversary emulation to validate controls and improve resilience.

Cross-Functional Leadership

• Act as a technical advisor to strategic programs involving cloud migration, M&A, AI/ML adoption, and digital modernization.
• Partner with enterprise architects, infrastructure teams, and business units to embed security into strategic planning.
• Present security strategies, risk posture, and program outcomes to executive leadership and governance boards.

Required Skills & Qualifications

Technical Expertise

• Deep understanding of security principles across network, application, cloud, and endpoint domains.
• Hands-on experience with cloud-native security tools (AWS GuardDuty, Azure Defender, Google Cloud Platform Security Command Center).
• Proficiency in scripting and automation (Python, Terraform, Ansible).
• Familiarity with container and Kubernetes security (e.g., PodSecurityPolicies, OPA/Gatekeeper, Falco).

Certifications

• Preferred: CISSP, CCSP, OSCP, GIAC Cloud Security (GCLD/GPCS), AWS/Azure Security Specialty

Experience

• 7+ years in cybersecurity engineering or architecture roles.
• 3+ years leading strategic security initiatives or transformation programs.

Soft Skills

• Strong analytical and problem-solving skills.
• Excellent communication and stakeholder engagement abilities.
• Strategic mindset with a focus on innovation and business alignment.

• Preferred Qualifications

• Experience with Zero Trust frameworks and implementation.
• Knowledge of data protection regulations (GDPR, HIPAA, CCPA).
• Background in regulated industries (finance, healthcare, government)