Mechanicus LLC is a managed service provider with a security-forward practice — Microsoft Sentinel, Blackpoint MDR, and a real SOC workflow rather than a "we forward alerts to a third party" arrangement. Roughly a quarter of our monthly ticket volume is security work: targeted phishing investigations, malicious login attempts, SIEM triage, and MDR collaboration. We need a senior engineer who can own that work end-to-end.
We’re looking for a Tier 3 MSP Engineer who will serve as the senior technical escalation point for complex infrastructure, cloud, and security issues across client environments.
You'll be the person Tier 2 calls when the impossible-travel alert turns out to be real, when the AVD environment needs re-architecting, when a client's M365 tenant has been compromised at 2am. You'll also drive the proactive work — hardening, detection engineering, post-incident reviews — that keeps the volume from getting worse.
We don't expect you to be in the office. We do expect you to be reachable during a P1.
What You’ll Be Doing
Security Operations & Incident Response
Microsoft 365 & Identity Security
Cloud & Infrastructure Engineering
Technical Leadership
What We’re Looking For
5+ years of progressive IT experience, with at least 2 years focused on security operations (SOC analyst, security engineer, or senior engineer at a security-focused MSP).
Strong Microsoft 365 security stack experience: Defender for Office 365, Defender for Endpoint, Defender for Identity, Entra ID Protection, Conditional Access at scale.
Solid Azure fundamentals — Entra ID, AVD, networking (VNets, NSGs, Private Endpoints), RBAC, and at least familiarity with IaC (Bicep or Terraform).
Incident response experience — you've worked a real BEC, a real ransomware incident, or a real account takeover end-to-end and can talk through the timeline, the decisions, and what you'd do differently.
Nice To Have
- Certifications: SC-200, SC-300, AZ-500 (mapped directly to our Microsoft Sentinel / Entra ID / Azure security work)
- Operational experience with Blackpoint Cyber MDR — incident handoff, isolation decisions, post-incident workflow with their SOC.
- Hands-on with our full operational stack:
- HaloPSA (PSA/ticketing)
- NinjaOne / NinjaRMM (RMM)
- CIPP (M365 multi-tenant admin)
- Hudu (documentation)
- Barracuda Email Protection policy management and incident response (BEC, mass-quarantine events).
- Experience designing CIS or NIST CSF-aligned baselines for SMB clients running Microsoft 365 and Azure.
HR Information:
- Full-time, permanent role
- Salary: $80,000 – $110,000 depending on experience and certifications
- Annual performance bonus tied to security KPIs (mean time to detect, mean time to contain, recurring-incident reduction)
- Health insurance
- 401K with 3% match
- 12 days PTO to start (accrual increases with tenure) + 8 paid holidays
- Remote position (US based)
- Schedule: Mondays-Fridays, 8 AM – 5PM
- Home office stipend
Powered by JazzHR
qsVbwKM0OH