Job Description
Job DescriptionSenior Cybersecurity Specialist
Location: Omaha, NE (on-site)
Schedule: Full-Time
Experience Level: Senior-Level (3–5 years)
About SecureSky
SecureSky provides outsourced cybersecurity services that strengthen and supplement our clients’ security operations and posture. Our clients span energy, manufacturing, healthcare, financial services, real estate, insurance, and local government.
Position Highlights
SecureSky is seeking an experienced and driven Senior Cybersecurity Specialist to join our operations team and take a leading role in protecting clients across a rapidly evolving threat landscape. This role is suited for professionals with 3–5 years of hands-on experience who are ready to move beyond day-to-day triage into owning client-specific threat and exposure management programs, shaping detection strategy, and providing senior-level guidance on security direction.
This position supports SecureSky’s Managed Detection and Response (MDR) services, with deep, hands-on ownership of Microsoft Sentinel SIEM/SOAR, Microsoft Defender XDR, and SecureSky’s proprietary Continuous Threat Exposure Management (CTEM) platform. You’ll work across Microsoft’s security ecosystem, including identity, endpoint protection, data security, cloud app governance, detection engineering, and SecOps automation, helping define how SecureSky and its clients use these tools to reduce risk.
Who We Are Looking For
We’re looking for people who love cybersecurity, enjoy working directly with clients, and want to take ownership of building programs and shaping how SecureSky delivers security outcomes.
What You Will Do
- Advanced Threat Detection and Response. Lead investigation and response for complex or escalated threats, applying deep hands-on expertise in Microsoft Sentinel and Microsoft Defender XDR.
- Client-Specific Program Development. Design, build, and direct client-specific exposure and threat management programs, tailoring detection logic, hunting hypothesis/ad-hoc scenarios, and CTEM strategy to each client’s environment and risk profile.
- Threat Landscape and Roadmap Guidance. Develop a deep understanding of each client’s threat landscape and security maturity, and translate that into guidance and incorporation into the client’s overall security roadmap.
- Security Technology Architecture and Optimization. Lead advanced configuration, tuning, and optimization of Microsoft security tools, and evaluate new capabilities as the threat landscape evolves.
- Client Advisory Communication. Serve as a trusted advisor to clients, presenting findings, strategic recommendations, and roadmap direction, and guiding their security decision-making.
- Mentorship and Training. Mentor junior analysts, review their investigations and detection content, and lead development of repeatable playbooks, detection logic, and best practices across the team.
What You Bring
- Bachelor’s degree or equivalent, with a concentration or substantial coursework in cybersecurity.
- 3 to 5 years of hands-on experience with Microsoft Sentinel and Microsoft Defender XDR, including configuration, detection engineering, and day-to-day operation in a SOC or MDR environment.
- Demonstrated experience building or directing client-specific exposure and threat management programs, not just executing predefined playbooks.
- Ability to assess a client’s threat landscape and security maturity, and translate that assessment into a clear roadmap and senior-level guidance.
- Strong working knowledge of common cybersecurity attack vectors, threat intelligence, and the broader Microsoft security ecosystem (identity, endpoint, data security, cloud app governance).
- Strong client-facing communication and presentation skills, with experience advising stakeholders on security strategy and direction.
- Ability to work independently, prioritize across multiple clients, and mentor less experienced team members.
- Previous experience in a technical service provider or MSSP/MDR role is strongly preferred.
- Microsoft-based certifications (for example, SC-200 (Security Operations Analyst Associate), SC-300 (Identity and Access Administrator Associate), or AZ-500 Azure Security Engineer Associate) are a plus. If you haven’t yet earned these, you will be expected to complete them while at SecureSky.
If you’re ready to take ownership of client security outcomes, and help shape SecureSky’s approach to threat and exposure management, we’d love to talk.
