Senior Information Security Engineer

Milliman, Inc.
Seattle, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 250K

Job location

Seattle, United States of America

Tech stack

Artificial Intelligence
Azure
Software as a Service
Cloud Computing
Computer Security
Data Discovery
Information Leak Prevention
Data Security
Digital Forensics
Identity and Access Management
Intrusion Detection and Prevention
Machine Learning
Kusto Query Language
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Enterprise Software Applications
Data Classification
Mitre Att&ck
Generative AI
Malware
AI Platforms
Cybercrime
Data Analytics
Microsoft Sentinel
CIS Benchmarks
Security Orchestration, Automation & Response

Job description

The Information Security Engineer - Security Operations & Threat Detection is responsible for designing, implementing, and continuously enhancing enterprise security operations capabilities to defend against evolving cyber threats. This role serves as a technical leader within the Security Operations function, specializing in threat detection, security monitoring, incident response, threat hunting, vulnerability management, malware analysis, and security automation across cloud, on-premises, and hybrid environments. The engineer develops scalable detection and response capabilities, drives continuous improvement of security operations maturity, and partners closely with cross-functional teams to strengthen defensive controls and reduce organizational risk. This role also provides actionable security intelligence, supports rapid response to emerging threats, and mentors team members while advancing the effectiveness and resilience of the enterprise security program., * Design, implement, and continuously improve enterprise security capabilities that protect data, systems, and business operations across cloud, on-premises, SaaS, hybrid, and AI-enabled environments.

  • Develop and maintain security controls and detection capabilities for data protection, threat monitoring, threat hunting, and incident response, leveraging threat intelligence and adversary TTPs to reduce organizational risk.
  • Lead security investigations and response activities by analyzing complex security events, conducting forensic analysis, coordinating containment and remediation efforts, and helping prevent future incidents through lessons learned and control enhancements.
  • Drive enterprise data security initiatives, including data discovery, classification, encryption, data loss prevention (DLP), access governance, secure data lifecycle management, and protection of sensitive and regulated information.
  • Provide security architecture, risk management, and governance expertise for emerging technologies, including artificial intelligence, generative AI, machine learning platforms, AI agents, third-party AI services, and cloud-based solutions.
  • Collaborate with engineering, infrastructure, cloud, identity, data, compliance, and business teams to embed secure-by-design principles, perform threat modeling, assess risk, and implement effective security controls across enterprise technologies and projects.
  • Develop and maintain security automation, standards, procedures, playbooks, and technical guidance that improve operational efficiency, strengthen security controls, and support consistent security practices across the organization.
  • Support security governance, compliance, and audit activities by performing risk assessments, validating control effectiveness, assessing third-party security risks, and ensuring alignment with organizational policies, regulatory requirements, and industry best practices.
  • Drive continuous improvement of the security program through process optimization, control validation, metrics, reporting, innovation, and mentoring while promoting industry best practices for cybersecurity, data protection, privacy, and AI security., Independent for over 77 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world's most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation. Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance and financial services, and property and casualty insurance. EQUAL OPPORTUNITY: All qualified applicants will receive consideration for employment, without regard to race, color, religion, sex, sexual orientation, national origin, disability, or status as a protected veteran. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

Requirements

  • Knowledge of security frameworks and standards such as NIST CSF, NIST AI RMF, ISO 27001, CIS Controls, and related regulatory or compliance requirements.
  • Strong experience with Microsoft Sentinel engineering, including KQL development, detection tuning, and advanced security monitoring across enterprise environments.
  • Strong knowledge of data protection principles, including data classification, DLP, encryption, identity and access management, security monitoring, and incident response.
  • Expertise in Threat Hunting utilizing the MITRE ATT&CK framework, coupled with Threat Intelligence Integration to proactively identify and investigate emerging threats.
  • Hands-on experience with Incident Response & Digital Forensics, including advanced investigations, containment, remediation, and post-incident analysis.
  • Proficiency in Detection-as-Code, CI/CD pipelines, Python scripting, and SOAR playbook automation to improve detection quality, operational efficiency, and response consistency.
  • Deep knowledge of Microsoft Defender Suite (MDE, MDI, MDO), Azure, and Entra ID security monitoring, with the ability to correlate telemetry across cloud, identity, and endpoint security platforms.

Benefits & conditions

life insurance, parental leave, paid time off, paid holidays, 401(k), The overall range for this role is $151,340 - $249,780. A combination of factors will be considered, including, but not limited to, education, relevant work experience, qualifications, skills, certifications, etc., We offer a comprehensive benefits package designed to support employees' health, financial security, and well-being. Benefits include:

  • Medical, Dental and Vision - Coverage for employees, dependents, and domestic partners.
  • Employee Assistance Program (EAP) - Confidential support for personal and work-related challenges.
  • 401(k) Plan - Includes a company matching program and profit-sharing contributions.
  • Discretionary Bonus Program - Recognizing employee contributions.
  • Flexible Spending Accounts (FSA) - Pre-tax savings for dependent care, transportation, and eligible medical expenses.
  • Paid Time Off (PTO) - Begins accruing on the first day of work. Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis.
  • Holidays - A minimum of 10 paid holidays per year.
  • Family Building Benefits - Includes adoption and fertility assistance.
  • Paid Parental Leave - 11 weeks of paid leave for employees who meet eligibility criteria.
  • Life Insurance & AD&D - 100% of premiums covered by Milliman.
  • Short-Term and Long-Term Disability - Fully paid by Milliman.

Apply for this position