ComResource is looking for a Senior IT & Security Operations Engineer.

We need someone to assist in managing IT operations and security operations across multiple client environments while ensuring operational reliability and strong security posture.

Responsibilities:

• Serve as the primary IT operations resource across client environments.
• Lead endpoint management programs, including MDM administration, patching strategies, device lifecycle management, and security baseline enforcement.
• Administer identity and access management platforms, including Azure AD/Entra ID, Okta, conditional access, and privileged access controls.
• Support enterprise infrastructure, including networking, collaboration platforms, and enterprise applications.
• Drive IT service management processes, including incident management, problem tracking, runbook development, and documentation standards.
• Manage vendor relationships and escalation processes for client environments.
• Support user onboarding, offboarding, and lifecycle management processes.
• Monitor security alerts through SIEM platforms and conduct alert triage, investigation, and escalation.
• Lead incident response activities, including containment, remediation, and post-incident reporting.
• Manage vulnerability management programs, including scanning, prioritization, and remediation tracking.
• Administer endpoint protection and identity security monitoring tools.
• Support compliance initiatives including SOC 2, ISO 27001, NIST CSF, and PCI-DSS programs.
• Produce client-facing documentation, runbooks, and operational deliverables.
• Mentor junior engineers and contribute to internal knowledge sharing.

Essentials:

• 5+ years of hands-on experience across IT operations and security operations.
• Strong macOS administration experience, including Jamf Pro and macOS security hardening.
• Experience managing mixed macOS and Windows endpoint environments.
• Experience with MDM platforms such as Jamf Pro or Microsoft Intune.
• Strong identity management experience with Azure AD/Entra ID, Okta, and MFA administration.
• Experience working with SIEM tools such as Microsoft Sentinel, Splunk, or Elastic.
• Experience managing vulnerability programs using tools such as Tenable, Qualys, or Rapid7.
• Cloud security and operations experience with at least one major cloud provider (AWS, Azure, or GCP).
• Strong written and verbal communication skills.

Desired:

• Experience supporting compliance frameworks such as SOC 2, PCI-DSS, ISO 27001, or HIPAA.
• Experience with endpoint detection and response tools such as CrowdStrike, Defender for Endpoint, or SentinelOne.
• Application security exposure including DAST or SAST tools.
• Experience with AI tools such as ChatGPT, Copilot, or similar automation platforms.
• Experience with security certifications such as CySA+, CISSP, GSEC, GCIA, or GCIH.
• Experience working in consulting, MSP, MSSP, or multi-client environments.

Req ID: AM29777635