Sr. IT Security Engineer

About Kaseya

Kaseya is the leading provider of AI-powered IT management and cybersecurity software, serving Managed Service Providers (MSPs) and internal IT organizations worldwide. Our comprehensive platform helps organizations efficiently manage, secure, and automate their IT environments, driving operational efficiency and long-term business success.

Backed by Insight Partners, a leading global software investor, Kaseya has experienced sustained double-digit growth and continues to expand its global footprint. Today, Kaseya supports customers in more than 20 countries and manages over 15 million endpoints worldwide.

Founded in 2000, Kaseya has built a culture centered around innovation, accountability, and results. We are a high-growth, high-performance organization that values individuals who are driven, adaptable, and committed to delivering exceptional outcomes for our customers and teammates alike.

At Kaseya, success comes from embracing challenges, moving with urgency, and continuously raising the bar.

Job Summary

We are seeking an experienced and highly technical Senior Security Engineer to support and advance the organization’s cybersecurity posture. This role is responsible for designing, implementing, and validating security controls across identity, infrastructure, endpoint, and cloud environments. The Senior Security Engineer will partner closely with Identity, SecOps, GRC, Infrastructure, and End User Technology teams to protect information assets, reduce risk, and ensure compliance with security standards and best practices.

Key Responsibilities

Security Operations & Architecture

• Analyze and report on organizational security posture, including identity, endpoint, network, and cloud environments.
• Design and assess security architectures and control frameworks aligned to least privilege, zero trust, and defense‑in‑depth principles.
• Evaluate access controls, authentication mechanisms, and authorization models for effectiveness and compliance.
• Review configuration, change, and release management processes to ensure secure system configurations.

Strategy & Control Implementation

• Contribute to the development and execution of IT security strategies aligned with business and technology objectives.
• Implement and validate security controls to ensure confidentiality, integrity, availability, authentication, and non‑repudiation.

Identity & Access Management (IAM)

• Partner with Identity Engineers to implement, operate, and mature IAM and Privileged Access Management (PAM) platforms.
• Design and enforce role‑based access control (RBAC), conditional access, and least‑privilege models across enterprise systems.
• Support lifecycle identity management including joiner/mover/leaver processes and access provisioning automation.
• Implement and validate MFA, passwordless authentication, and privileged elevation workflows.
• Conduct periodic access reviews, entitlement certifications, and privileged account audits.
• Identify and remediate identity‑related risks such as excessive privileges, stale accounts, and misconfigured access policies.

Threat, Vulnerability & Risk Management

• Perform vulnerability assessments and security reviews in partnership with SecOps.
• Coordinate remediation of vulnerabilities through patching, configuration changes, or compensating controls.
• Mitigate or document risk acceptance for security deficiencies identified during assessments or audits.
• Validate minimum security requirements for applications, infrastructure, and cloud services.

Research, Documentation & Reporting

• Stay current on emerging threats, identity attack vectors, and security technologies.
• Evaluate and recommend tools to improve security visibility and control effectiveness.
• Maintain accurate security documentation, architecture diagrams, and operational procedures.
• Provide actionable security recommendations and risk insights to leadership.

Policy & Compliance

• Support the development and enforcement of security policies, standards, and procedures in collaboration with GRC and Security teams.
• Ensure alignment with regulatory requirements and industry best practices.

Qualifications

Education

• Bachelor’s degree in Information Security, Computer Science, or a related field.

Experience

• 5+ years of progressive experience in cybersecurity or information security engineering.
• CISSP, CISM, or similar certifications preferred.

Skills

• Strong understanding of cybersecurity principles, identity security, and access control models.
• Deep knowledge of IAM concepts including RBAC, MFA, PAM, SSO, federation, and identity governance.
• Ability to collaborate across infrastructure, identity, cloud, and business teams.

Tools & Technologies

• SIEM: Azure Sentinel
• Endpoint Security: Microsoft Defender for Endpoint, CrowdStrike
• Network Security: Palo Alto, Cisco ASA
• IAM / PAM: Microsoft Entra ID, CyberArk
• Vulnerability Management: Qualys, Rapid7
• Encryption: BitLocker, PGP
• Incident Response: Mandiant, FireEye, Carbon Black
• Cloud Security: Azure Security Center, AWS Security Hub, GCP Security, Oracle OCI Security Center

Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.