Senior Security Engineer (f/m/x)

The Senior Security Engineer is responsible for designing, implementing, and continuously improving security controls across the corporate IT environment with a strong focus on the Microsoft ecosystem. This role partners closely with IT Infrastructure and other stakeholders to define security requirements, deploy technical guardrails, and reduce risk through measurable improvements to the organization’s security posture. 

Security Engineering & Control Implementation 

• Implement and maintain technical security controls across corporate systems and endpoints (e.g., endpoint security controls, secure configuration baselines, productivity platform security settings). 

• Drive continuous hardening of corporate IT environments through configuration standards, secure defaults, and controlled exception handling. 

• Define and maintain security baselines and guardrails that can be rolled out safely at scale in partnership with IT. 

Architecture & Security Requirements 

• Define security requirements for corporate IT initiatives and changes, ensuring security-by-design. 

• Create and maintain reference architectures, security patterns, and implementation guidelines for common use cases. 

• Review high-impact designs and changes to ensure they align with defined security standards. 

Exposure Reduction 

• Establish and operate a practical approach to vulnerability and configuration risk reduction, including prioritization guidance and remediation expectations. 

• Drive remediation with IT teams and verify closure (patching and configuration hardening), based on risk and active threats. 

Platform Guardrails & Emerging Risks 

• Implement technical guardrails for high-growth risk areas (e.g., SaaS sprawl, Shadow IT/AI usage, low-code/no-code platform governance). 

• Support secure adoption of new tools and capabilities by defining security configurations and monitoring requirements. 

Collaboration & Stakeholder Engagement 

• Work closely with IT Infrastructure/Workplace teams to plan rollouts, validate impacts, and maintain stability while raising security posture. 

• Support Security Operations during incidents with engineering input (containment options, hardening improvements, root-cause remediation recommendations). 

• Contribute to internal security documentation (standards, runbooks, technical implementation notes).