Senior Security Engineer

DescriptionJob Summary: The Senior Security Engineer is responsible for owning and advancing the organization’s overall security posture across infrastructure, cloud platforms, endpoints, applications, and data. This role combines strategic leadership, operational ownership, and hands-on technical expertise. This position will interface with our SOC vendor to ensure security tooling, monitoring, and findings translate into effective risk reduction and continuous improvement.You will work closely with cross-functional teams including IT, Network Engineering, Legal, HR, Compliance, and external parters to design, implement, document, and evolve security controls, policies, and procedures that support the business today and scale with future growth in a rapidly evolving environment.Essential FunctionsSecurity Strategy & GovernanceOwn and evolve the company’s security strategy, roadmap, and maturity over time, aligning security investments with business risk and priorities.Establish, maintain, enforce, and improve security policies, standards, procedures, and documentation in coordination with Legal, HR, Compliance, Privacy, and IT leadership.Define and oversee security architecture principles across on-prem, cloud, endpoint, and SaaS environments.Act as a trusted advisor to leadership on security risk, tradeoffs, and priorities.SOC & Vendor CoordinationServe as the primary point of contact and escalation for the managed SOC provider.Review and validate alerts, investigations, vulnerability findings, and recommendations from the SOC.Ensure SIEM, XDR, EDR, vulnerability management, and related tools are tuned, effective, and delivering measurable value.Translate SOC outputs into prioritized remediation plans and coordinate execution with internal teams.Operational & Hands-On Security Lead threat modeling, security risk assessments, and architecture reviews for new and existing systems.Oversee vulnerability management activities, including scanning, prioritization, remediation, and verification.Independently remediate security issues where appropriate, and partner with system owners, developers, and infrastructure teams where shared responsibility exists.Support incident response activities, including coordination with the SOC, root cause analysis, containment, remediation, and post-incident improvement.Contribute hands-on expertise across environments including:Microsoft 365 and identity platformsEndpoints (PCs, laptops, EDR)Network and perimeter security including firewalls and VPNVirtualized and Linux-based servers (RHEL primarily)AWS and cloud-native servicesCoordinate and participate in regular security audits, vulnerability scan remediations, and penetration testing.Business Continuity, Risk & ComplianceContribute to business continuity and disaster recovery planning, testing, and improvement.Partner with compliance and privacy stakeholders to ensure security controls align with regulatory and contractual obligations.Support privacy and data protection initiatives, including PIAs, security reviews of data-processing systems, and technical input for data subject requests.Mergers, Acquisitions & Third-Party SecurityAssess and integrate security controls for acquired or merged companies. Participate in due diligence activities related to mergers and acquisitions.Evaluate vendor security posture regarding security practices, risks, and business continuity.Evaluate and monitor third-party applications and systems for adherence to sufficient security standards.Security Culture & EnablementPromote a culture of security awareness and shared responsibility across the organization.Provide guidance and practical support to teams in designing, building, and operating systems securely.Data and Data PrivacyPartner with the Data Privacy Officer to ensure security controls align with privacy obligations.Define and enforce data classification, retention, and secure disposal standards.Support data subject rights requests (access, deletion, portability) from a technical/security perspective.Conduct privacy impact assessments (PIA’s) and security reviews for systems that process personal data.Knowledge, Skills And Abilities RequiredNetwork Security principles (firewalls, VPNs, routing, VLANS)Security ProtocolsCloud SecurityNetwork monitoring solutionsIncident response and digital forensics.Understanding network architecture is a strong plus.Critical thinking skills and ability to solve complex problems.Knowledge of Database security and a variety of operating systems.Proven experience developing, operating and maintaining security systems.Familiarity with data protection regulations (GDPR, CCPA) and privacy-by-design principles.Other RequirementsBachelor’s degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.6+ years of experience in cybersecurity or security engineering roles, with demonstrated ownership of security initiatives.Experience operating at a senior or lead level, influencing across teams without direct authority.Relevant certifications such as CISSP, CISM, CCSP, or similar are a plus, but practical experience is valued equally.CompensationOur job titles may span more than one career level. The salary for this position is between $126,000.00 - $150,000.00. The actual salary offered may be influenced by a variety of factors, such as: training, transferable skills, work experience, education, business needs, market demands and work location. The base pay range is subject to change and may be modified in the future. More information on offered benefits, which include health, welfare, and retirement, are available at www.greenlightnetworks.com/careers/ .About the Organization Deliver an exceptional experience. Make a real impact. Grow with us.At Greenlight Networks, we're not just building a network-we're building stronger, more connected communities. Founded in 2011, Greenlight Networks designs, builds, and operates a high-speed fiber-optic network delivering internet speeds up to 8 Gigabits per second to homes and small businesses. Today, we serve more than 225,000 homes and nearly 10,000 businesses across New York, with continued expansion into Pennsylvania and Baltimore.Our mission is to connect our communities by delivering the best internet experience and providing our customers the freedom to work, play, and live without limits!EOE Statement Greenlight Networks is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: Greenlight Networks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Greenlight Networks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, sex, national origin, disability status, veteran status, domestic violence victim status or any other characteristic protected by the laws or regulations in the locations we operate. Greenlight Networks will not tolerate discrimination or harassment based on any of these characteristics. Greenlight Networks encourages applicants of all ages.