Staff Security Engineer

Red Cup IT
3 days ago
Full-time
Remote
United States
Cybersecurity & InfoSec

We are looking for a Staff Security Engineer at a Managed Service Provider (MSP). This is a high-level technical leadership role. Unlike a standard Security Engineer who might focus on a single organization’s perimeter, a Staff Engineer at an MSP must design, oversee, and scale security solutions across hundreds of diverse client environments.

They act as the "architect-in-chief," balancing deep technical execution with high-level strategy and mentorship.

Core Responsibilities

At the Staff level, the focus shifts from "doing the work" to "defining how the work is done" across the entire MSP fleet.

1. Security Architecture & Strategy

  • Scalable Standard Operating Procedures (SOPs): Design security baselines (NIST, CIS, or ISO 27001) that can be applied to clients ranging from small dental offices to mid-market enterprise firms.
  • Tooling Selection: Evaluate and select the "MSP Stack"—SIEM/MDR platforms, EDR/XDR solutions, and automated vulnerability scanners—ensuring they support multi-tenancy.
  • Product Development: Partner with the Product or Sales teams to build new "Security-as-a-Service" offerings (e.g., vCISO services or Managed Phishing Simulation).

2. High-Level Technical Leadership

  • Tier 4 Escalations: Act as the final point of escalation for complex security breaches or persistent threats that Tier 1–3 analysts cannot resolve.
  • Automation & Scripting: Write advanced scripts (Python, PowerShell, Bash) to automate threat hunting and remediation across thousands of endpoints simultaneously.
  • Cloud Security Mastery: Secure multi-cloud environments (Azure, AWS, GCP) for clients, ensuring proper identity management (MFA/Conditional Access) and data encryption.

3. Mentorship & Governance

  • Team Upskilling: Mentor Junior and Senior Engineers, conducting code reviews and architectural deep-dives.
  • Compliance & Auditing: Lead clients through regulatory audits (HIPAA, GDPR, PCI DSS) and ensure the MSP itself remains compliant (SOC2).

Required Skills & Qualifications

A Staff Engineer is expected to have 8–12+ years of experience in IT and Security.

| Category | Key Requirements |
|---|---|
| Technical Depth | Mastery of EDR/XDR, SIEM (e.g., Sentinel, Splunk), Firewalls (Fortinet, Palo Alto), and Identity (Azure AD/Entra ID). |
| Cloud Expertise | Deep knowledge of cloud-native security tools and Zero Trust architecture. |
| Development | Proficiency in Python or PowerShell for API integrations and security automation. |
| Soft Skills | Ability to explain "zero-day" risks to non-technical business owners (CEOs/CFOs). |
| Certifications | CISSP (highly preferred), CISM, CCSP, or advanced provider certs (AZ-500, PCNSE). |