Senior Associate Information Security

Company Overview

Along with its affiliate companies, Affinius Capital invests across the risk spectrum for a global client base, managing over $61 billion in gross assets under management within a diversified portfolio across North America and Europe. Affinius Capital provides strategic equity and debt capital, including to capitalize on the accelerating demand for technology-driven real estate assets, to meet the critical need for housing solutions, and for other market and capital structure opportunities exhibiting compelling risk-return characteristics. For more information, visit affiniuscapital.com.

Job Description

The Senior Associate Information Security is responsible for leading the organization’s cybersecurity program across a hybrid on‑premises and Microsoft Azure environment. This role owns security operations, governance, risk management, and incident response while partnering closely with infrastructure, cloud, compliance, and business leaders.

The ideal candidate has deep hands‑on experience with Microsoft 365 security, Microsoft Defender (XDR), Entra ID (Azure AD), and Azure security controls, combined with strong leadership, risk‑based decision‑making, and the ability to communicate security posture to both technical and non‑technical stakeholders.

Essential Duties and Responsibilities:

Security Operations & Engineering

• Lead day‑to‑day security operations across Microsoft Defender XDR, including Defender for Endpoint, Identity, Office 365, Cloud Apps, Defender for Cloud, and Microsoft Sentinel
• Oversee detection, investigation, and response to security incidents, including phishing, BEC, endpoint compromise, identity attacks, and insider risk.
• Own and continuously improve incident response playbooks, tabletop exercises, and post‑incident reviews.
• Manage security monitoring, alert tuning, and automation (SOAR) to reduce noise and improve mean time to detect/respond (MTTD/MTTR).

Identity, Access & Cloud Security

• Govern Microsoft Entra ID security, including Conditional Access, MFA, Privileged Identity Management (PIM), identity protection, and access reviews.
• Partner with infrastructure and cloud teams to secure hybrid Active Directory, Azure subscriptions, and workloads.
• Ensure secure configuration baselines for endpoints, servers, and cloud resources using Microsoft security best practices.

Governance, Risk & Compliance

• Maintain and mature the organization’s information security program, policies, and standards (e.g., access control, incident response, data protection).
• Map technical controls to frameworks such as NIST CSF, ISO 27001, or similar.
• Support audits, risk assessments, vendor security reviews, and regulatory/compliance initiatives.
• Track and report security risk, control effectiveness, and remediation progress to leadership.

Data Protection & Information Governance

• Partner with Legal, Compliance, and IT to protect sensitive data using Microsoft Purview, DLP, retention, and eDiscovery.
• Ensure appropriate controls for data classification, encryption, and information lifecycle management.

Leadership & Collaboration

• Manage security operations resources (internal or MSSP).
• Serve as a trusted advisor to IT leadership and business stakeholders on security risk and strategy.
• Drive security awareness and training initiatives across the organization.
• Participate in architecture and project reviews to embed security by design.

Perform other essential duties, as assigned.

Requirements

• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
• 5+ years of progressive experience in information security
• Strong hands‑on experience with:
  • Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps)
  • Microsoft Entra ID (Azure AD), Conditional Access, MFA, PIM
  • Microsoft 365 security and compliance features
  • Hybrid on-premises and Azure environments
• Proven experience leading incident response and security investigations.
• Solid understanding of security frameworks, risk management, and audit processes.
• Ability to communicate complex security topics clearly to executives and non‑technical audiences.
• Willing to work onsite full-time
• Qualifications may warrant placement in other job title.

Preferred Qualifications:

• Microsoft security certifications (e.g., SC‑200, SC‑300, SC‑100, AZ‑500).
• Industry certifications such as CISSP, CISM, CRISC, or GIAC.
• Experience with Defender automation, KQL, Sentinel, or SOAR tooling.
• Experience in financial services, real estate, or regulated environments.
• Experience integrating third‑party tools with Microsoft Defender and M365.

Affinius Capital complies with laws and regulations that permit certain requests related to your data in our files, including, but not limited to, the California Consumer Privacy Act (the “CCPA”). The Company's privacy policy and contact information for questions regarding your data or the policy may be found here. 

At Affinius Capital our employees enjoy generous benefits packages including comprehensive medical, dental and vision plans, 401k, educational and professional designation assistance, casual dress attire and much more! The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.

Affinius Capital is an Equal Opportunity Employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.