CybersecurityEngineer

Trupanion is a leading provider of medical insurance for cats and dogs in North America. Our mission is to help loving, responsible pet owners budget and care for their pets. At Trupanion, we offer a collaborative, casual, and pet-friendly environment where everyone is encouraged to be themselves. We are seeking a Cybersecurity Engineer to help design, operate, and continuously improve Trupanion’s security controls and tooling across our Microsoft 365/Azure environment and supporting on-prem systems. This role balances hands-on ownership of core security platforms—particularly the Microsoft Defender suite and Privileged Access Management (CyberArk)—with strong security engineering practices such as automation, integrations, hardening, and detection and response improvements. The ideal candidate is proactive, detail-oriented, and comfortable partnering with IT and engineering teams to reduce risk, respond to incidents, and deliver practical, measurable security outcomes. This position is open to candidates in the Seattle area. You will have a hybrid remote/in-office schedule where you will work from our casual, pet-friendly office at least 3 days a week. Key Responsibilities: * Engineer, operate, and continuously improve the Microsoft Defender security stack (e.g., Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud Apps, Defender Vulnerability Management) to protect endpoints, identities, email, and cloud applications. * Own and administer Privileged Access Management tool, including onboarding/offboarding privileged accounts, policy and workflow configuration, vault health, upgrades, and integrations. * Integrate Defender and PAM signals with SIEM/SOAR and ITSM workflows to improve detection fidelity, reduce false positives, and accelerate response and remediation. * Design and implement security engineering solutions across cloud and on-prem environments (primarily Azure/M365), including baseline hardening, configuration stand