Cybersecurity Engineer I/II (Remote - US)

About The Position

Requirements

• Authorized to work in the US
• Minimum 2 years of experience in cybersecurity engineering or related roles

Nice To Haves

• Bachelor’s degree or higher in computer science, cybersecurity, or related field.
• Able to work now and in the future without BNSF’s assistance (whether monetary, through sponsorship, or otherwise) in obtaining, maintaining, or extending employment authorization (including H-1B, STEM OPT/CPT, or TN nonimmigrant status).
• Proficiency in Python or Java for automation, scripting, and tool development
• Hands-on experience with penetration testing tools (e.g., Burp Suite, Metasploit, Nmap)
• Strong understanding of network security protocols, firewalls, IDS/IPS, and VPNs and an understanding of Zero Trust Networking principles
• Knowledge of data security principles including encryption, DLP, and access controls
• Experience securing web and mobile applications, APIs, and microservices
• Experience security containerized and ephemeral application deployments
• Familiarity with infrastructure security across on-prem, cloud (AWS/Azure/GCP), and hybrid environments
• Solid grasp of Security Operations Center (SOC) workflows, SIEM platforms, and incident response
• Certifications such as OSCP, CEH, CISSP, or GIAC are a plus
• Strong analytical and problem-solving skills
• Excellent communication and documentation abilities
• Ability to work independently and collaboratively in cross-functional teams
• Passion for continuous learning and staying ahead of the threat landscape
• Experience with secure access frameworks (SASE, ZTNA).
• Contributions to open-source security tools or research.

Responsibilities

• Design, implement, and maintain security controls across network, infrastructure, data, and application layers
• Assist in the creation of security policies and standards for adherence.
• Perform risk assessments and contribute to data protection strategies across structured and unstructured data
• Assist in penetration testing and vulnerability assessments to identify and remediate risks
• Develop and maintain tooling to aid in automation for threat detection, response, and reporting
• Collaborate with DevOps and IT teams to embed security into CI/CD pipelines and cloud environments
• Monitor and respond to security incidents, working closely with SOC and IR teams
• Support compliance initiatives (e.g., NIST, SOX) through technical enforcement and documentation
• Participate in red/blue team exercises and threat modeling activities
• Continuously evaluate emerging threats and recommend proactive security measures
• Contribute to the development of playbooks, runbooks, and operational procedures for security operations
• Demonstrate operational excellence by monitoring, troubleshooting, and resolving production issues, including participating in a 24/7 on‑call rotation

Benefits

• An industry-leading 401(k) and renowned Railroad Retirement program.
• A range of robust health care options for you and your dependents (including domestic partners), including medical, dental, vision, telemedicine, mental health, cancer support, and high-quality care network options.
• Health care spending accounts (HSA) with employer contributions, as well as life and disability insurance, provided at no cost.
• Family benefits including parental, pediatric and family building support, adoption and surrogacy reimbursement, and dependent care spending account (with employer match).
• Access to discounts on travel, gym memberships, counseling services and wellness support.
• Annual bonus (Incentive Compensation Program)
• Generous leave / time off policies.