• Lead the engineering, configuration, deployment, and operational maintenance of the organization’s cybersecurity toolset, with a primary focus on Microsoft Defender (EDR/XDR, MDR), Microsoft Sentinel (SIEM/SOAR), and Microsoft Purview.
• Implement key initiatives from the organization’s three-year cybersecurity strategic roadmap, translating strategic objectives into actionable technical solutions.
• Design and maintain security automations, detections, and response playbooks to improve efficiency, consistency, and response time.
• Develop, document, and maintain technical cybersecurity standards, architectures, and engineering patterns that guide IT Infrastructure, Operations, and Applications teams.
• Serve as a subject matter expert for Microsoft on-premises and cloud security controls within a hybrid Active Directory environment transitioning to Azure and cloud-native services.
• Collaborate closely with IT Infrastructure, Operations, and Applications teams to ensure security is embedded into system designs, migrations, and operational processes.
• Continuously evaluate security tooling, configurations, and architectures against industry best practices and evolving threats.
• Support incident response activities by providing advanced technical expertise, root cause analysis, and recommendations for long-term remediation.
• Maintain clear technical documentation related to security platforms, configurations, and operational procedures.
• Mentor and provide technical guidance to cybersecurity team members and peer technology teams.

What we need from you. 

• Completion of a bachelor’s degree in cybersecurity, information technology, computer science, or a related field, or equivalent formal training or certification (e.g. CISSP).
• Seven or more years of progressive experience in cybersecurity engineering, security architecture, or related technical roles.
• Strong hands-on experience designing, configuring, and supporting Microsoft security platforms, including Microsoft Defender, Sentinel, and Purview, or comparable enterprise security technologies.
• Demonstrated experience securing hybrid environments involving on-prem Active Directory and cloud identity platforms such as Azure AD (Entra ID).
• Advanced understanding of security engineering principles, including endpoint protection, identity security, logging and monitoring, threat detection, and response.
• Proficiency with PowerShell and experience with additional scripting or automation languages (e.g., Python, KQL) to support security operations and automation.
• Familiarity with security frameworks and best practices (such as NIST, CIS, or ISO 27001) and the ability to translate them into technical controls.

What you’ll get from us.

At Sheppard Pratt, you will work alongside a multi-disciplined team led by a bold vision to change lives. We offer:

• A commitment to professional development, including a comprehensive tuition reimbursement program to support ongoing education and licensure and/or certification preparation
• Comprehensive medical, dental and vision benefits for benefit eligible positions
• 403b retirement match
• Generous paid-time-off for benefit eligible positions
• Complimentary Employee Assistance Program (EAP)
• Generous mileage reimbursement program

Pay for this position is determined on a number of factors, including but not limited to, years and level of related experience. The pay range for this position is between $106,455.86 and $175,000. 

 

• Who will be listed as the hiring manager and should be sent the applications? I can add additional users to also view the requisition and applicants.

Scott Mirabito

• Is this position fully in-person or hybrid?

Hybrid

• Will this position be working out of the Towson hospital? Any travel to other sites required?

Towson

• What specific screening questions should I include? Ex: questions regarding experience, situational examples, etc

Nothing yet—we’ll refine as we begin to talk to applicants

• What are "must haves" from applicants? "Nice to haves"?

They need to have substantial, hands-on technical knowledge of Microsoft security tooling, particularly the Defender suite and Sentinel. This is our first hire for the Security Engineering program, and as such we need this person to hit the ground running and lead the charge for Sheppard Pratt. We’re in the early stages of cloud migration, so the applicant should be familiar with that process and securing that kind of environment. They will therefore have to have knowledge of securing Azure and Entra ID. Finally, they will need to have strong knowledge of PowerShell and KQL.

Nice to haves would include experience with other kinds of security tools and services.

Experience with the Microsoft Purview suite of security tools would be very helpful.

• How would you like to handle the interview process? (Would you like me to schedule the initial 30 min virtual interview? How many rounds of interviews and with who? How quickly are you looking to hire?)

If you wouldn’t mind performing the initial screening just to verify basic qualifications, that would be helpful. After that, a one-hour interview with me. I’m not sure about a final round—that’s up to Mark, but possibly 30 minutes to an hour with him or a panel with a few folks.