Security Engineer

Details

• Run Coterie’s recurring user access reviews under the direction of the Principal Security Architect, coordinating with system owners to certify access and remove stale or over-provisioned entitlements across our environments
• Gather, organize, and validate evidence to support compliance testing and audits, following established procedures to build evidence packets that trace access and changes from request through approval
• Administer our privileged access management program with oversight, focusing on endpoint privilege management, operating local administrator elevation, least-privilege policies, and just-in-time access on endpoints within approved guardrails
• Support time-bound, approved, and reviewed privileged access through Azure Privileged Identity Management (PIM), including role assignments and periodic recertification of privileged identities
• Triage and respond to security operations alerts from our SIEM and endpoint tooling under the guidance of senior engineers, escalating, documenting, and helping close out incidents
• Run the day-to-day administration of our security awareness program, including building, scheduling, and reporting on phishing simulations and assigning follow-up training
• Follow and maintain the procedures, standards, and documentation the team has established for access reviews, privileged access, and related security operations workflows
• Utilize a risk-based approach to your day-to-day work and surface pain points and recommend continuous-improvement ideas for these programs and processes
• Partner with IT operations, engineering, and compliance teams to help close access and process gaps and mature Coterie’s security posture
• Take on other security operations tasks that support the team, such as detection tuning, vulnerability remediation tracking, and tooling evaluations, as directed and as priorities shift
• 3–5 years of experience in security operations, identity/access administration, or a related technical role
• Experience with cloud-native enterprise services
• Solid understanding of identity and access management concepts, including authentication, authorization, least privilege, and role-based access control
• Hands-on experience with privileged access management, with specific experience in endpoint privilege management (managing local administrator rights and elevation)
• Experience running or supporting access reviews and access certifications, and removing unneeded access
• Familiarity with compliance frameworks (e.g., SOC 1, SOC 2, SOX) and supporting the collection of audit evidence
• Comfortable triaging alerts from a SIEM or endpoint security tooling and following documented response procedures
• Experience administering or supporting a security awareness or phishing simulation platform
• Comfortable operating established programs and processes under direction, while contributing ideas to improve them
• Self-motivated, detail-oriented, organized, and able to manage recurring deadlines across multiple workstreams
• Exceptional written and verbal communication, with the ability to document processes clearly
• Experience with Azure Privileged Identity Management (PIM) and Azure RBAC
• Experience with an endpoint privilege management solution (e.g., CyberArk EPM, Admin By Request, BeyondTrust)
• Experience administering Okta and Microsoft 365 / Entra ID
• Familiarity with Microsoft Sentinel (or another SIEM) and basic KQL
• Experience with a security awareness platform
• Security certifications (e.g., Security+, SC-900, SC-300, CySA+) or cloud certifications (e.g., AZ-500)
• Phase 1: Qualified candidates will first meet with a member of our People Operations team for a phone interview. This discussion is a high-level conversation to understand more about your background and interests and for us to share more about Coterie and the position.
• Phase 2: Selected candidates will be invited to meet with our Hiring Manager for a 2nd interview via Teams video. This interview is designed to be more detail oriented and allows you to learn more about the role and expected to be 30 minutes in length.
• Phase 3: Top candidates will be invited to participate in an experiential exercise and team member interviews. This will include a project provided in advance along with a 1-hour project deep dive interview conducted with our hiring manager and additional team members. This series is expected to be 1.5 hours in total.
• Phase 4: Final candidates will be invited to the final interview. This interview will include 1:1 meeting with a member of our senior leadership team and is expected to be 30 minutes in length.
• 100% remote
• Health insurance through Aetna (we pay 100% of premiums)
• Dental and vision insurance through Guardian (we pay 100% of premiums)
• Basic life insurance (we pay 100% of premiums)
• Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)
• 401K plan (up 4% match with immediate vest). Must be 21 years of age or older to participate
• Flexible PTO policy offering employees up to 4 weeks of PTO in their first 12 months. Thereafter, PTO usage aligns with company standards and typically does not exceed 5 weeks per calendar year.
• 12 company-paid holidays each year
• Continuing education annual stipend
• Annual salary estimated between 90,000-110,000 based on national data. Candidates who meet all the minimum requirements and possess additional relevant experience, as outlined in the job description, may be considered for a salary above the midpoint of the above range. Salary is based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; degrees or certifications, etc.