Sr. Security Engineer

Neptune Technology Group Inc.
is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities – revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers – so they can remain focused on
the business of water
. For additional information, please visit the company website at

.

Sr. Security Engineer

Position Summary:

As a Senior Security Engineer, you will play a critical role in Neptune's cybersecurity program, focusing on implementing and maintaining security solutions across a hybrid environment (on-prem, cloud, SaaS). You'll collaborate with the SOC Manager and IT teams to strengthen detection, response, and prevention capabilities while ensuring compliance with industry standards.
In addition to engineering responsibilities, you will provide technical support to Incident Response activities, assisting with containment, remediation, and forensic analysis when needed.

Responsibilities:

Security Engineering

• Design and implement secure configurations for systems, networks, and cloud environments
• Develop and maintain security controls aligned with zero trust principles
• Support network segmentation and secure-by-design initiatives

Security Engineering

• Implement and maintain security tools and integrations (SIEM, EDR, IAM, NGFW, etc.)
• Develop and optimize detection rules, correlation logic, and automation workflows
• Ensure reliable telemetry and logging across all assets
• Build SOAR playbooks and custom scripts to streamline incident handling
• Support secure configurations and system hardening across endpoints, networks, and cloud environments

Threat Detection & Monitoring

• Optimize SIEM and EDR integrations for high-fidelity alerting
• Engineer detection logic and automation workflows to reduce false positives
• Collaborate with SOC analysts to enhance threat visibility

Incident Response & Forensics

• Build and refine incident response playbooks and automation scripts
• Provide engineering support during active incidents, including containment and remediation
• Assist with forensic investigations and root cause analysis
• Participate in tabletop exercises and readiness drills

Identity & Access Management

• Implement IAM solutions enforcing least privilege and secure authentication
• Integrate identity monitoring tools and automate privilege escalation alerts

Threat Intelligence & Modeling

• Incorporate threat intelligence into detection and prevention strategies
• Contribute to threat modeling exercises to identify attack paths

Compliance & Reporting

• Ensure security solutions meet NIST, ISO, and regulatory requirements
• Provide technical input for security metrics and executive reporting

Relevant Platforms (experience with several is expected):

• SIEM/SecOps:
  e.g. Google SecOps (Chronicle)
• EDR & Identity:
  e.g. CrowdStrike, Microsoft AD/Entra
• Network Security:
  e.g. FortiGate NGFW, FortiSASE
• Secure Browsing:
  e.g. Prisma
• Patching & Config:
  e.g. Automox
• Secrets Management:
  e.g. Keeper
• Asset Management:
  e.g. Axonius, Cyclops
• Email & Data Security:
  e.g. Mimecast, Microsoft Purview

Minimum Qualifications:

• Bachelor's degree (or equivalent experience)
• 3+ years in Security Operations or Incident Response
• Hands-on experience with SIEM, EDR, and threat detection
• Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles
• Strong analytical and communication skills

Preferred Qualifications:

• Security certifications (e.g., GCIH, GCIA, CISSP)
• Experience with cloud security (AWS, Azure, GCP)
• Exposure to SOAR automation and scriptingTravel Requirements: Typically requires overnight travel less than 10% of the time.

Travel Requirements:
Typically requires overnight travel less than 10% of the time.

Location:
Duluth, GA, Tallassee, AL