Senior Information Security Engineer
Job description
- SIEM & SOAR Engineering: Configure log ingestion pipelines, write advanced detection queries, analyze system telemetry, and build automated incident response workflows.
- Policy Technical Enforcement: Directly translate enterprise Information Security Policies into concrete technical controls, including conditional access matrices, complex firewall rule sets, and secure system baselines.
- Data Loss Prevention (DLP) Deployment: Implement, tune, and monitor technical DLP rules to detect, alert on, and block the unauthorized exfiltration of sensitive organizational data.
- Endpoint Detection & Response (EDR) Administration: Deploy and manage global endpoint agents, optimize behavioral alerting thresholds, and execute rapid containment protocols during active threats.
- Vulnerability Management & Internal Pentesting: Execute credentialed infrastructure and application scans, filter false positives, and coordinate patch validations. Conduct targeted internal penetration testing and exploit validation using standard offensive security suites.
- Network Security Mastery: Analyze, configure, and troubleshoot network traffic across Layers 2 through 7 to enforce uncompromised perimeter defense and internal micro-segmentation.
- Secure Access & Tunneling: Build, harden, and support secure remote access architectures, managing enterprise IPsec / SSL VPN gateways, certificate lifecycles, and Multi-Factor Authentication (MFA) integrations.
- Technical Mentorship: Act as the primary technical escalation point for IT operations and mentor junior administrators on secure engineering principles and alert triage.
Requirements
- Do you have a valid CompTIA Advanced Security Practitioner certification?
- Do you have experience in Vulnerability scanning?
- Experience: 5+ years of dedicated, hands-on experience in cybersecurity engineering, network defense, or security systems administration.
- Systems Proficiency: Deep hands-on expertise configuring market-leading SIEM/SOAR platforms, EDR consoles, Data Governance/DLP modules, and enterprise vulnerability scanners.
- Networking & Offensive Skills: Thorough technical understanding of the OSI model, secure tunneling protocols, and practical experience utilizing industry-standard penetration testing tools to audit internal defenses.
- Certifications: Technical certifications such as CISSP, CASP+, advanced vendor-specific engineering credentials, or relevant offensive security certifications are strongly preferred.
Benefits & conditions
- Paid training
- 401(k)
- Health insurance
- Paid time off
- Vision insurance
- Dental insurance
- This is a full-time, office-based position in a modern, cozy environment in our Troy, MI office.
- Our standard working hours are Monday to Friday, 9:00 AM to 6:00 PM, promoting a healthy work-life balance.
- Company Culture: Inclusive, supportive company culture where you are not a number, but a voice that's heard and brings value.
- Growth Path: Defined paid training and clear pathways for career development.
- Benefits: Comprehensive benefits package including PTO, sick days, paid volunteer hours, medical, dental, vision insurance, and 401(k).

Take the first step towards a rewarding career in the mortgage industry with AD Mortgage. Our Recruitment team will reach out to you shortly!