Senior Security Engineer
<div class="show-more-less-html__markup show-more-less-html__markup--clamp-after-5 relative overflow-hidden"> This is a senior, hands-on security engineering role responsible for operating and evolving security across a Microsoft-centric environment in a regulated private equity firm.<br/><br/>This is not a management role. You will be the senior technical owner of endpoint security, data protection, detection/response, and security tooling. You will also help build new capabilities around AI-related risk and insider threat.<br/><br/>You will work directly with the CIO and regularly interact with legal, compliance, and external stakeholders (LPs, auditors).<br/><br/><strong>Core Responsibilities</strong><br/><br/><strong>1. Microsoft Security Ownership (Primary)</strong><ul><li>Own and operate the Microsoft security stack end-to-end:<ul><li>Intune (device management, hardening)</li><li>Microsoft Defender (endpoint, identity, cloud)</li><li>Microsoft Purview (DLP, insider risk, compliance)</li><li>AppLocker / WDAC</li></ul></li><li>Drive configuration, tuning, and continuous improvement</li><li>Standardize and rationalize controls across the environment</li></ul><strong>2. Detection, Response, and Tooling</strong><ul><li>Operate and optimize security tooling:<ul><li>SentinelOne, Rapid7, Darktrace, Mimecast (or equivalents)</li></ul></li><li>Lead incident response and escalation handling</li><li>Improve signal-to-noise and detection quality</li><li>Make vendor consolidation and tooling decisions</li></ul><strong>3. AI Security (Emerging Area)</strong><ul><li>Build controls around employee use of AI tools (data leakage, misuse, supply chain attacks)</li><li>Partner on governance for LLM usage and data exposure</li><li>Stay current on evolving threat models and mitigation approaches</li></ul><strong>4. Recurring Security Programs</strong><br/><br/>Own and facilitate:<ul><li>Quarterly employee cybersecurity training</li><li>Annual penetration testing (vendor-led; scope + oversight)</li><li>Annual BCP / disaster recovery tabletop exercises</li></ul><strong>5. Regulatory, Audit, and Litigation Support</strong><ul><li>Support LP due diligence and audits (including live calls)</li><li>Partner with legal/compliance on regulatory requirements (SEC environment)</li></ul><strong>6. Vendor Management</strong><ul><li>Manage external security vendors and partners</li><li>Define scope, evaluate output, and hold vendors accountable</li><li>Ensure technical depth when reviewing third-party work</li></ul><strong>Requirements (Non-Negotiable)</strong><ul><li>10–15 years of hands-on security engineering experience</li><li>Deep, practical expertise across the Microsoft security ecosystem:</li><li>Proven operator, not a people manager</li><li>Experience in a regulated environment (financial services, PE, banking, etc.)</li><li>Strong working knowledge of endpoint security, DLP, and detection/response</li></ul><strong>Additional Experience</strong><ul><li>Experience with tools such as:<ul><li>SentinelOne, Rapid7, CrowdStrike, Arctic Wolf (or similar)</li></ul></li><li>Experience supporting audits, regulators, and external stakeholders</li><li>Familiarity with incident response and forensic workflows</li><li>Experience with and exposure to AI security risks and controls</li></ul><strong>Soft Skills (Critical)</strong><ul><li>Executive presence; comfortable with senior stakeholders</li><li>Able to interface with legal, compliance, and LPs directly</li><li>High judgment and low ego</li><li>Clear communicator under pressure</li></ul><strong>Additional Context</strong><ul><li>Highly visible role with direct exposure to firm leadership</li><li>Lean team; high ownership expected</li><li>Preference for candidates already investing in learning (e.g., RSA, security communities, AI developments)</li></ul> </div>