Own and enhance enterprise security monitoring capabilities across SIEM and related telemetry platforms.
Design, implement, and improve detections, dashboards, alerting, and monitoring content to increase signal quality and operational value.
Engineer reliable telemetry collection, normalization, and monitoring workflows to support data quality, operational resilience, and long-term maintainability.
Partner with SOC and MDR stakeholders to improve monitoring coverage, detection effectiveness, and response outcomes.
Mature detection engineering practices, use cases, and workflows to strengthen monitoring quality over time.
Cloud Identity & Access Management
Design, implement, and support cloud IAM controls focused on least privilege, access governance, and identity-based security.
Build and maintain controls in platforms such as Microsoft Entra, including Conditional Access and privileged access controls.
Strengthen identity posture across users, administrators, service principals, and other non-human identities.
Evaluate and improve access models to reduce risk while supporting business operations.
SOC / MDR & Threat Intelligence Support
Improve SOC and MDR effectiveness through enhancements to detection content, enrichment, workflows, and technical integrations.
Collaborate with incident response, MDR, and threat intelligence stakeholders to strengthen threat-informed monitoring and investigative value.
Provide engineering support during security incident escalations, including troubleshooting, coordination, and improvement of detection and response workflows.
Drive post-incident improvements that increase visibility, prioritization, and operational effectiveness.
Privileged Access Management
Build, operate, and mature privileged access capabilities that protect privileged credentials, administrative access, and high-risk workflows.
Standardize and improve privileged account onboarding, credential governance, vaulting, rotation, and access workflows.
Strengthen the reliability, auditability, and operational effectiveness of PAM services through clear runbooks and repeatable processes.
Partner with security and infrastructure teams to ensure PAM capabilities are scalable and aligned to enterprise standards.
Cross-Functional Security Engineering
Partner with security leadership and architecture to implement strategic security priorities through well-engineered, measurable controls.
Serve as a senior technical resource and escalation point for complex security engineering issues across core control domains.
Contribute to security design reviews, technical standards, and implementation guidance for identity, monitoring, and privileged access domains.
Create and maintain technical documentation, runbooks, and guidance that improve repeatability and supportability.
Support control validation and technical evidence requests related to implemented security controls, as needed.
Required Qualifications
7+ years of experience in information security engineering, security platform engineering, identity security, security operations engineering, or a related field.
Strong hands-on experience with SIEM/security monitoring platforms, including detection content, alerting, dashboards, tuning, and telemetry onboarding.
Working knowledge of cloud IAM, including Microsoft Entra / Azure AD, Conditional Access, privileged roles, access governance, and identity security concepts.
Based in St. Louis, Core & Main is a leader in advancing reliable infrastructure™ with local service, nationwide®. As a specialty distributor with a focus on water, wastewater, storm drainage and fire protection products and related services, Core & Main provides solutions to municipalities, private water companies and professional contractors across municipal, non-residential and residential end markets, nationwide. With over 370 locations across the U.S., the company provides its customers local expertise backed by a national supply chain. Core & Main's 5,700 associates are committed to helping their communities thrive with safe and reliable infrastructure. Visit coreandmain.com to learn more.
Position Summary
We are seeking a Senior Information Security Engineer to strengthen enterprise security controls and improve operational effectiveness across security monitoring, cloud identity and access management, privileged access management, and support of SOC/MDR and threat intelligence functions.
This is a hands-on senior engineering role responsible for designing, implementing, operating, and improving security capabilities in a complex enterprise environment. The role partners closely with security leadership and architecture to translate strategy into measurable engineering outcomes and serves as a senior technical resource for complex security engineering issues across core control domains.
Coreandmain · Saint Louis, MO 63146