Senior Security Engineer

TAIT is looking for a hands-on Senior Security Engineer (SSE) to help mature and scale our developing Information Security program within TAIT’s Global Technology Services (“GTS”) team.

This role is ideal for someone who can operate across both strategy and execution—designing practical security controls, partnering closely with IT and operational teams, improving technical defenses, and reducing risk across corporate IT, cloud and SaaS platforms, endpoints, networks, identity systems, and manufacturing-adjacent environments.

 

The successful candidate will be a senior individual contributor who can build, improve, and operationalize security controls—not simply identify gaps. This person will work closely with the VP, Cybersecurity, Security Analysts, IT Infrastructure teams, and business stakeholders to strengthen TAIT’s resilience against both known and emerging threats in a complex, global environment.

• Design, implement, and improve security controls across identity, endpoint, network, cloud, SaaS, email, vulnerability management, and logging & data platforms.
• Translate security strategy into practical technical roadmaps, standards, and implementation.
• Partner with IT infrastructure and operations teams to harden systems, reduce attack surface, improve security posture, and shift security design to become a core component of infrastructure design.
• Evaluate current security tooling and recommend improvements to coverage, configuration, monitoring, and integration.
• Support secure architecture decisions for new systems, applications, infrastructure changes, and business initiatives.

• Strengthen identity security, including MFA, conditional access, SSO, privileged access, service accounts, and account lifecycle controls.
• Help reduce excessive capabilities and improve least-privilege access across critical systems.
• Partner with IT to improve privileged account management, administrative access, and remote access practices.

• Improve endpoint security coverage, hardening, detection, and response capabilities.
• Own or support vulnerability management processes, including scanning, prioritization, remediation tracking, and SLA reporting.
• Work with IT teams to reduce exposure from unpatched systems, edge devices, VPNs, remote access platforms, and high-risk vulnerabilities.
• Support ransomware resilience efforts, including backup validation, recovery planning, segmentation, and incident readiness. 

• Improve logging, alerting, and visibility across critical systems and data.
• Work with internal analysts and external providers to improve detection quality and response processes.
• Support incident response planning, tabletop exercises, and technical response procedures.
• Assist with post-incident reviews and drive security improvements based on lessons learned.

• Support development of technical security standards, baselines, and procedures.
• Provide technical input for security risk assessments, vendor reviews, audits, cyber insurance requests, and business security questions.
• Help prioritize security work based on business risk, operational impact, and practical feasibility.
• Communicate security risks and recommendations clearly to both technical and non-technical audiences. 
  

• 12+ years of experience in information security, security engineering, infrastructure security, or related technical roles.
• Strong hands-on experience implementing and operating security controls in enterprise environments.
• Practical knowledge of identity and access management, including MFA, SSO, conditional access, privileged access, and directory services.
• Experience with endpoint security platforms, vulnerability management, patching processes, and security hardening.
• Working knowledge of network security concepts, including firewalls, VPNs, segmentation, secure remote access, and network monitoring.
• Experience supporting incident response, security investigations, or security operations.
• Ability to work effectively with infrastructure, helpdesk, operations, engineering, and business teams.
• Strong communication skills, including the ability to explain technical risk in business terms.
• Ability to operate independently in a small security team and prioritize work based on risk.