Cyber Security Engineer II

About The Position

Requirements

• Bachelor’s degree with a minimum of 7 years of IT experience, OR 7-10 years of overall IT experience with at least 7 years focused in cybersecurity/network security.
• Two or more of the following certifications: CISSP, GIAC Certification, Microsoft Security Certifications, Azure Security Certifications, or equivalent cybersecurity-related certifications.
• A Master’s degree in Cybersecurity, Information Security, Computer Science, or related field may be considered in lieu of some experience requirements.
• Expert-level experience supporting enterprise cybersecurity technologies and operations.
• Advanced experience with SIEM and SOAR technologies, including security automation, orchestration, and incident response workflow development.
• Strong experience utilizing KQL (Kusto Query Language) for threat hunting, analytics, detections, dashboards, and investigations.
• Strong PowerShell scripting experience for automation, reporting, incident response, and systems administration tasks.
• Deep understanding of incident response methodologies, threat detection engineering, and forensic analysis best practices.
• In-depth experience with vulnerability management programs, vulnerability scanning platforms, remediation coordination, and risk prioritization processes.
• Experience implementing and managing enterprise security technologies in cloud, hybrid, and on-premises environments.
• Experience supporting cloud security operations and securing Microsoft 365, Azure, AWS, or hybrid enterprise environments.
• Understanding of secure software development practices, DevOps/DevSecOps concepts, and application security principles preferred.
• Experience with security monitoring, endpoint protection, identity security, email security, and data protection technologies.
• Strong analytical, troubleshooting, communication, and project management skills.
• Ability to handle sensitive and confidential information.
• Ability to work independently and lead complex technical initiatives.
• Participation in after-hours support and on-call rotation as required.
• Remote and hybrid work candidates must maintain a secure working environment and effectively collaborate with distributed teams.

Nice To Haves

• Experience with Microsoft Sentinel, Microsoft Defender, CrowdStrike, Tenable, Qualys, Rapid7, or similar enterprise security platforms preferred.

Responsibilities

• Lead the design, implementation, and support of enterprise cybersecurity solutions and security architecture initiatives.
• Conduct security research, evaluate emerging technologies, and recommend solutions to improve the organization’s security posture.
• Design and implement security controls across enterprise infrastructure, cloud platforms, endpoints, identity systems, and manufacturing environments.
• Develop and maintain secure configurations, security standards, and technical documentation.
• Lead and support cybersecurity projects involving multiple business units, technical teams, vendors, and stakeholders.
• Manage implementation of enterprise security technologies and security enhancement initiatives.
• Coordinate project timelines, technical deliverables, testing, validation, and operational transition activities.
• Support security integration efforts for cloud services, endpoint technologies, vulnerability management platforms, SIEM/SOAR solutions, and identity security initiatives.
• Participate in planning and execution of security modernization and operational improvement projects.
• Serve as a senior technical expert for enterprise cybersecurity operations and security technologies.
• Administer, maintain, and optimize security platforms including: Cloud security technologies, Endpoint Detection and Response (EDR/XDR), Email security, Identity and access management, Data protection technologies, SIEM and SOAR platforms, Vulnerability management platforms, Threat intelligence integrations.
• Develop, tune, and maintain advanced threat detections, correlation rules, analytics, dashboards, and automation workflows.
• Utilize Kusto Query Language (KQL) to develop advanced threat hunting queries, detections, reporting, and security investigations within Microsoft Sentinel, Microsoft Defender, and related security platforms.
• Develop and maintain SOAR playbooks and automation workflows to improve incident response efficiency and reduce manual operational tasks.
• Perform advanced threat hunting and log analysis across cloud, endpoint, network, and identity environments.
• Support secure cloud operations and security monitoring across platforms such as Microsoft Azure, Microsoft 365, AWS, and related enterprise technologies.
• Lead vulnerability management initiatives across enterprise infrastructure, cloud services, servers, endpoints, applications, and operational technology environments.
• Maintain in-depth knowledge and operational experience with vulnerability management and scanning platforms such as Tenable, Qualys, Rapid7, Defender Vulnerability Management, or equivalent technologies.
• Coordinate vulnerability remediation efforts with infrastructure, server, networking, cloud, and application teams.
• Analyze vulnerability data, prioritize remediation activities based on risk, and provide reporting to technical leadership and management.
• Conduct security validation and support penetration testing coordination and remediation tracking activities.
• Collaborate with infrastructure, engineering, cloud, networking, DevOps, and business teams to implement secure solutions and resolve security issues.
• Provide technical mentorship, training, and guidance to cybersecurity engineers, analysts, and IT personnel.
• Assist teams with secure deployment practices, incident troubleshooting, and operational security best practices.
• Support development of operational procedures, standards, and security documentation.
• Lead and support cybersecurity incident handling, investigation, containment, eradication, and recovery efforts.
• Perform advanced forensic analysis and security investigations involving endpoints, cloud services, email systems, identity systems, and enterprise infrastructure.
• Develop and maintain threat detections and response processes across SIEM, EDR/XDR, and cloud security platforms.
• Analyze escalated security alerts and suspicious activity to identify malicious behavior and reduce false positives.
• Create and maintain custom detection logic and security analytics to improve threat visibility and response capabilities.
• Develop remediation plans and coordinate incident response activities with technical teams and leadership.
• Prepare investigation findings, root cause analysis, and executive-level incident reporting documentation.
• Utilize PowerShell scripting and automation to support investigations, security administration, reporting, and operational efficiency initiatives.

Benefits

• Choice of comprehensive medical plans
• Dental plan
• Vision plan
• Wellness program
• Critical illness insurance
• 401(k) plan with company match
• Paid vacation
• Paid sick leave
• Paid parental leave
• Basic life Insurance
• Short-term and long-term disability coverage
• Employee assistance program
• Business travel accident coverage
• Supplemental life insurance
• Accidental death and dismemberment insurance
• Health spending account
• Traditional flexible spending account
• Dependent care spending account
• Tuition reimbursement program for undergraduate and certain graduate programs
• Educational opportunities
• Company-wide mentoring program
• Soft and hard skills training