Job Description

We are looking for a talented and driven Senior Security Engineer II to join our expanding security team. In this role, you will be instrumental in strengthening and maintaining our organization’s security posture while also supporting the security of our products and services.

This is a hands-on position that requires a strong grasp of multiple security domains and the ability to thrive in a dynamic, fast-paced environment. You will design, implement, and maintain security infrastructure to protect enterprise systems, networks, and data from cyber threats while ensuring compliance with regulatory standards. Collaboration will be key as you work closely with IT, compliance, and business teams to implement security best practices, monitor risks, and respond promptly to security incidents.

This role is primarily responsible for designing, implementing, and managing Microsoft security solutions—including Purview, Entra, and Defender Cloud—to ensure robust data governance, compliance, and risk management across the organization’s data assets. A key focus will be maintaining compliance with HIPAA (Health Insurance Portability and Accountability Act), HITECH (Health Information Technology for Economic and Clinical Health Act), and AICPA requirements. The Security Engineer will play a vital role in safeguarding Protected Health Information (PHI) throughout its lifecycle within Microsoft 365 and Azure environments.

Secondary responsibilities include leading projects and implementing initiatives within Information Governance, Vulnerability Management, Asset Management, and Access Management domains across the organization.

This position can sit remotely or at any of our office locations.

Travel Expectations: This role requires minimal travel, less than 10% per year.

You Will

• Implement and Manage Cloud Security Controls: Apply cloud security best practices across corporate and cloud environments (preferably Microsoft Azure) to monitor, maintain, and continuously improve enterprise security posture.
• Framework Alignment & Compliance: Ensure alignment with industry-standard security frameworks and regulatory requirements (e.g., ISO/IEC 27001, NIST, HIPAA, SOC 2, AICPA Trust Services Criteria).
• Data Governance & Compliance Tools: Design, deploy, and maintain Microsoft Purview features including data cataloging, classification, lineage, and compliance policies.
• Identity and Access Management: Administer and optimize identity management and access control systems, including Microsoft Entra ID (Azure AD), to ensure secure authentication and authorization.
• Incident Response: Support the development, execution, and continuous improvement of incident response procedures, including active participation during security incidents.
• Policy/Standard/Procedure Development: Create, update, and enforce security policies, standards, and procedures aligned with organizational goals and compliance requirements.
• Security Architecture Collaboration: Work closely with IT and architecture teams to embed security controls into system and application design.
• Security Tooling & Technology Evaluation: Research, recommend, and assist in the implementation of modern security technologies and solutions to enhance defenses.
• Network and Protocol Security: Leverage knowledge of networking fundamentals and security protocols to ensure proper segmentation, encryption, and protection of corporate assets.
• Application Security Participation: Support application security initiatives including secure development practices, vulnerability management, and remediation workflows.
• Cloud Defense Platforms: Administer Microsoft Defender for Cloud and other cloud-native security tools to detect and respond to threats.

Additional Responsibilities:

• Perform other security-related tasks and initiatives as required in support of evolving organizational needs and technology initiatives.
• Actively contribute to cross-functional projects involving information security, privacy, risk, and compliance.

You Have

• Strong technical expertise in O365, Microsoft 365 Purview, Microsoft Purview in Azure, Microsoft Defender, and Entra.
• Understanding of security within on-premise infrastructure using VMWare and Azure Hybrid environments.
• Proven experience designing, deploying, and managing Microsoft Purview environments.
• Deep understanding of ISO 27001, NIST CSF, HIPAA, AICPA, and SOC 2 frameworks, including associated Privacy and Security Rules.
• Hands-on experience implementing technical safeguards to meet HIPAA and other regulatory requirements.
• Solid knowledge of cloud security best practices and identity/access management principles.
• Proficiency in data classification, labeling, and Data Loss Prevention (DLP) strategies.
• Strong communication, collaboration, documentation, and problem-solving skills.
• Ability to work both independently and collaboratively within cross-functional teams.

Education:

• Bachelor’s degree in Computer Science, Information/Cyber Security, or a related field (or equivalent professional experience)

Experience:

• 7+ years of experience in cybersecurity, including at least 2 years in enterprise environments
• Industry certifications such as CISSP, CISM, CEH, or GIAC (preferred)
• Strong expertise in network, system, and cloud security
• Cloud-specific security certifications (e.g., Microsoft Azure, Microsoft Purview, AWS Certified Security)
• Experience in cybersecurity vendor environments
• Proficiency with Microsoft Records Management and/or Information Governance processes
• Advanced knowledge of cloud security, particularly with Azure and GCP; experience with other data catalog and governance tools (e.g., Collibra, Alation, Informatica)
• Client-facing consulting experience in compliance, data governance, and regulatory alignment

Compensation Details

The base salary range targeted for this role is $155,000-180,000. This position may also be eligible for a discretionary annual bonus based on factors such as company and personal performance. This salary range represents BerryDunn’s good faith and reasonable estimate of the range of possible compensation at the time of posting. If an applicant possesses experience, education, or other qualifications more than the minimum requirements for this posting, that applicant is encouraged to apply, and a final salary range may then be based on those additional qualifications; compensation decisions are dependent on the facts and circumstances of each case. The salary of the finalist selected for this role will be based on a variety of factors, including but not limited to years of experience, depth of experience, seniority, merit, education, training, amount of travel, and other relevant business considerations.

BerryDunn Benefits & Culture

Our people are what make BerryDunn special, and in return we strive to support our employees and help them thrive. Eligible employees have access to benefits that go beyond what’s expected to support their physical, mental, career, social, and financial well-being. Visit our website for a complete list of benefits and a look into our culture: Experience BerryDunn.

We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process or perform essential job functions. Please contact careers@berrydunn.com to request an accommodation.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.

About BerryDunn

BerryDunn is the brand name under which Berry, Dunn, McNeil & Parker, LLC and BDMP Assurance, LLP, independently owned entities, provide services. Since 1974, BerryDunn has helped businesses, nonprofits, and government agencies throughout the US and its territories solve their greatest challenges. The firm’s tax, advisory, and consulting services are provided by Berry, Dunn, McNeil & Parker, LLC, and its attest services are provided by BDMP Assurance, LLP, a licensed CPA firm.

BerryDunn is a client-centered, people-first professional services firm with a mission to empower the meaningful growth of our people, clients, and communities. Led by CEO Sarah Belliveau, the firm has been recognized for its efforts in creating a diverse and inclusive workplace culture, and for its focus on learning, development, and well-being. Learn more at berrydunn.com.