Senior Information Security Engineer

We are seeking an experienced Senior Information Security Engineer to lead critical security initiatives, design secure architectures, and respond to advanced threats. This role requires strong technical expertise, strategic thinking, and a proactive mindset to help mature our cybersecurity posture. Looking for a candidate who thrives in a fast-paced environment and does not shy away from challenges.

About Cimpress:

Led by founder and CEO Robert Keane, Cimpress invests in and helps build customer-focused, entrepreneurial mass customization businesses. Through the personalized physical (and digital) products these companies create,we empower over 17 million global customers to make an impression. Last year, Cimpress generated $3.5B in revenue through customized print products, signage, apparel, packaging and more. The Cimpress family includes a dynamic, international group of businesses and central teams, all working to solve problems, build businesses, innovate and improve.

Business Unit: National Pen

As a National Pen brand, provides custom marketing solutions to 22 countries worldwide, fostering global connections between businesses and their customers. We specialize in personalized promotional products, including writing instruments, stationery, drinkware, bags, gifts, and trade show accessories. Our operations are supported by a network of 9 facilities across North America, Europe, Africa, and India. This global presence underscores our commitment to the timely delivery of our products and services to customers across the markets we serve.

About the Role:

Key Responsibilities:

• Design and implement security architecture for infrastructure, cloud, and applications.
• Lead threat detection, incident response, and forensic analysis.
• Perform vulnerability management and penetration testing, and guide remediation efforts.
• Own and optimize SIEM, EDR, Microsoft defender for cloud and O365, CNAPP (Cloud native application protection platform), Cloud security IAM, and other security technologies.
• Collaborate with DevOps and IT to embed security best practices across systems.
• Provide technical leadership in risk assessments, audits, and compliance initiatives (ISO 27001, SOC2, GDPR).
• Mentor junior team members and contribute to InfoSec training and policy development.
• Partner with business units on risk mitigation and secure solution design.
• Responding to and completing security requests from SOC, the lead security engineer, or security manager, with assistance from relevant technical teams as needed.
• Security event monitoring, data analysis and correlation, and escalation where appropriate, using security monitoring and management tools and their outputs.
• Vulnerability management data generation and analysis (running scans in Tenable, Crowdstrike, and analyzing outputs), and escalation to appropriate teams for remediation.
• Other duties as assigned.

Required Skills & Qualifications:

• Bachelor's or Masters degree in Cybersecurity, Computer Science, I.T, or related discipline.
• Experience with Vulnerability assessment and penetration testing and hands on experience in application security domain.
• 2+ years of experience in security engineering, Security operations centre, or architecture and application security domain.
• Deep understanding of SOC, Endpoint security, Data security, network security, cloud security (AWS/Azure/GCP), and Linux/Windows hardening.

• Hands-on with tools like:

• SIEM (Splunk, Sentinel)

• EDR/XDR (CrowdStrike, SentinelOne)
• IAM, PAM, and firewall solutions
• Microsoft Defender for cloud and O365

• Orac Security: CNAPP

• Strong knowledge of encryption, secure coding, IAM, and security frameworks (NIST, MITRE ATT&CK).

• Industry certifications preferred any of these: CompTIA Security+, Microsoft SC-900, CEH, CISSP, OSCP, CISM, GIAC, or AWS Security Specialty.
• Proven experience leading security projects and mentoring teams.
• Experience with common security monitoring tools (Tenable, Solarwinds, Axonius, Aquawave, Splunk).
• Experience with EDR tools (Crowdstrike).
• Data management skills using Excel or other data management platform.

Preferred Attributes and Qualifications:

• Ability to excel in a dynamic environment with rapidly changing priorities.
• Discretion with respect to best practices in information security.
• Discretion in communication with respect to audience and nature of information communicated.
• Certifications, education, or experience to demonstrate baseline security, networking, and computing skills commensurate with 3 years' experience in security analysis.

What Youll Gain:

• Real-world exposure to enterprise security tools and workflows.
• Mentorship from experienced InfoSec professionals.
• A clear career path to mid- and senior-level security engineering roles.

Remote First-Culture:

In 2020, Cimpress adopted a Remote-First operating model and culture. We heard from our team members that having the freedom, autonomy and trust in each other to work from home and, the ability to operate when they are most productive, empowers everyone to be their best and most brilliant self. Cimpress also provides collaboration spaces for team members to work physically together when it's safe to do so or believe in office working will deliver the best results. Currently we are enabled to hire remote team members in over 20 US States as well as several countries in Europe: Spain, Germany, UK, Czech Republic, the Netherlands and Switzerland.