Cybersecurity Engineer

Stefanini Group | Grand Rapids, MI
11h | Hybrid

About The Position

Stefanini Group is looking for a Cybersecurity Engineer for a globally recognized company! Interested applicants can click the apply button or reach out to Alfher Hidalgo at (248) 728-2627 / Alfher [email protected] for faster processing. Thank you!

The Cybersecurity Engineer plays a critical role in protecting the global technology ecosystem. This position designs, builds, and operates security controls that safeguard enterprise systems, cloud services, applications, manufacturing environments, and data across the organization. Engineers in this role are hands-on practitioners who lead technical investigations, continuously advance detection and response capabilities, and embed security into modern IT and OT (Operational Technology) environments.

Cybersecurity Engineers work closely with cross-functional teams, including Infrastructure, Cloud, Network Engineering, Application Development, Governance/Risk/Compliance, and Manufacturing Technology, to implement secure architectures, automate protections, and proactively reduce organizational risk. This role requires a strong engineering mindset, the ability to analyze complex systems, and the discipline to operate reliably in mission-critical environments.

The ideal candidate demonstrates deep curiosity, exceptional technical judgment, and a strong sense of ownership, balancing long-term architectural improvements with the operational urgency required to respond to evolving threats.

Core Competencies:

  • Advanced analytical, troubleshooting, and root cause analysis skills.
  • Expert level understanding of network, endpoint, cloud and on-premise security and architecture.
  • Hands-on experience with Firewalls, Web Application Firewalls (WAFs), Security Information Event Monitoring (SIEM), Endpoint/Network Detection and Response (EDR/NDR) and modern security automation.
  • Ability to communicate complex technical risks clearly to all audience levels.
  • Team player with collaboration mindset across engineering, operations, and business functions.
  • High sense of ownership, accountability, and operational discipline.

Requirements

  • Strong hands-on cybersecurity engineering experience in enterprise environments
  • Deep knowledge of network, endpoint, cloud, and on-prem security architecture
  • Experience with firewalls, WAFs, SIEM, EDR/XDR, NDR, IDS/IPS, NAC, and automation platforms
  • Experience securing AWS, Azure, and/or GCP environments
  • Knowledge of IAM, Active Directory, Entra ID, PKI, certificates, and encryption
  • Ability to investigate incidents, analyze telemetry, and respond to threats
  • Experience with threat hunting, detection engineering, and alert tuning
  • Experience with vulnerability management and penetration test coordination
  • Familiarity with secure application practices and tools such as SAST, DAST, SCA, and container security
  • Ability to script or automate security workflows using SOAR and common scripting languages
  • Ability to document findings and communicate technical risk clearly
  • Strong troubleshooting, root cause analysis, and cross-functional collaboration skills
  • Willingness to participate in on-call support, including occasional nights, weekends, and holidays

Nice To Haves

  • Experience with OT/manufacturing security, including SCADA and PLC environments
  • Experience with Zero Trust technologies such as SSE, CASB, DLP, and ZTNA
  • Familiarity with AI governance and AI security
  • Experience supporting compliance frameworks such as NIST, ISO 27001, GDPR, PCI, SOX, HIPAA, and SOC 2
  • Experience with vendor evaluation, contract support, and security tool cost/value analysis
  • Experience mentoring others and contributing to security culture initiatives

Responsibilities

  • Security Engineering & Architecture: Design, deploy, and support enterprise security technologies, including:
      • Network & Perimeter Security: Firewalls, Network Access Control (NAC) solutions, IDS/IPS systems. WAF and reverse proxy protections.
      • Endpoint & Host Security: EDR/XDR platforms, next generation antivirus, anti-malware. Windows, Linux, and Unix hardening baselines.
      • Identity, Authentication & Cryptography: Public Key Infrastructure (PKI), certificates, encryption services. Conditional Access. Azure Entra ID and Active Directory.
      • Operational (OT) Security: Supervisory Control and Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLCs), and other manufacturing automation equipment, including supporting legacy backup and security-oriented solutions. Micro-segmentation by restricting east-west traffic within plants and distribution centers.
      • Cloud & Zero Trust Security: CSPM, CWPP, SIEM/SOAR integrations, and Identity Access Management (IAM) controls in Cloud environments such as Amazon AWS, Microsoft Azure, and Google Cloud Platform (GCP). Hands-on experience with Zero Trust Network Architecture (ZTNA), including Secure Service Edge (SSE), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), API Protection, and remote access technologies.
      • AI & Application Security: Developing secure coding practices and automation, and maintaining application security testing tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container Security, etc. Ability to build automation via Security Orchestration Automation and Response (SOAR) tools in conjunction with custom scripts via established coding/scripting languages. Familiarity with AI Governance and AI Security practices.
  • Incident Response & Monitoring: Provide on-call support, including occasional nights, weekends, and holidays, ensuring rapid response to security and production-impacting events. Analyze and act on security events across SIEM, EDR, Intrusion Detection/Prevention Systems (IDS/IPS), NDR, firewall logs, cloud telemetry, and endpoint security tools to identify anomalous behavior, indicators of compromise (IOCs), and threats.
  • Threat Hunting & Intelligence: Conduct threat hunting using User Event Behavioral Analytics (UEBA) and other technologies. Coordinate with other cybersecurity and IT teams to engineer and tune detection rules and playbooks to reduce false positives and respond to emerging threats such as ransomware, supply chain attacks, and AI-generated threats.
  • Vulnerability & Penetration Testing: Orchestrate internal and external vulnerability assessments and penetration tests for networks, cloud infrastructure, IoT/OT, APIs, and web/mobile applications. Analyze exploitable weaknesses, produce detailed remediation guidance, and collaborate with system owners to determine appropriate security controls.
  • Security Governance, Compliance & Risk: Support compliance and audit initiatives (e.g., GDPR, NIST, ISO 27001, PCI, SOX, HIPAA, SOC 2) by conducting risk assessments of hardware and software solutions. Contribute to security policy development, standards, procedures, baselines, and operational runbooks.
  • Vendor & Financial Management: Manage relationships with security product vendors and service providers. Partner with sourcing on contract evaluations, renewals, and cost optimization for security tooling. Maintain financial comparisons and value assessments for security investments.
  • Security Awareness & Culture: Support security awareness initiatives, including training programs, phishing simulations, and security culture improvement activities. Train and mentor individuals with an interest in Cybersecurity, both internally and externally.
  • Documentation & Reporting: Document findings, root causes, risks, and remediation activities. Prepare and deliver clear communication to both technical and non-technical teams and leadership. Produce after-action reports, engineering documentation, diagrams, and operational checklists.

What This Job Offers

  • Job Type: Full-time
  • Career Level: Mid Level
  • Education Level: No Education Listed
  • Number of Employees: 5,001-10,000 employees
