Security Lead Software Engineer

About the job Who We Are McMaster‑Carr is a leading e‑commerce company that industrial customers have trusted for more than 120 years. Our products help customers restore manufacturing lines quickly, keep operations running smoothly, and prototype the next generation of innovative products. We earn that trust by offering the right products, making them easy to find, and delivering them fast--so customers can solve problems with speed, precision, and confidence. This role is a pathway to senior engineering management and technical leadership—your growth is determined by your impact, not by tenure. Our Culture We intentionally cultivate a culture focused on clear execution and long‑term growth. We are responsible for securing systems that endure for decades and support the company’s long-term growth. That responsibility means engineering work starts with a deep understanding of the problem and its impact, grounded in clear ownership, open communication, and direct feedback. Our teams are trusted to make thoughtful decisions about how work gets done, balancing a high bar for quality with practical execution. How You’ll Make an Impact Our security engineering team protects the entirety of our IT and OT infrastructure: thousands of end-user devices across multiple facilities, automation equipment in distribution facilities, network devices and servers in company data centers, and our customer-facing eCommerce experience. You’ll identify, define and lead work to reduce the risks we face as a company. As a Lead Security Engineer, you’ll work on projects like: Detection, Response, and Risk Prioritization: Building and improving detection and response capabilities and assessing vulnerabilities in context-- understanding which issues pose real risk in our environment and prioritizing remediation accordingly. Security Engineering & Automation: Developing custom security tooling, automation, and response playbooks that improve response speed and reduce operational noise. Designing scalable, maintainable security workflows that integrate cleanly with existing engineering systems. Cloud & Infrastructure Security: Designing and implementing scalable cloud security controls as we migrate and modernize our infrastructure, and researching and evaluating new security solutions. Innovation & Emerging Technologies: Experimenting with LLM-driven workflows for security analysis and automation. What You Bring We’re looking for a hands-on security engineer who thrives in complex environments and enjoys solving challenging, ambiguous problems. Our ideal candidate will have: Hands-on experience in security operations, including detection, response, and vulnerability management. A thoughtful, analytical approach to prioritizing real-world risks. Experience with both offensive and defensive security techniques A strong foundation in network security, server administration or vulnerability management. Scripting ability in PowerShell or Python Technologies We Use Security, Monitoring & Vulnerability Management: Splunk, Tenable, Carbon Black, Symantec, Active Directory/Entra ID, ForeScout, Proofpoint, Checkpoint, Wireshark, tcpdump Scripting: Python, PowerShell Infrastructure: Azure, Linux, Kubernetes, Cisco ACI, GitLab, VMWare, Linux LLMs: Copilot, OpenAI, Gemini, Claude Cash Compensation Total cash compensation is generally around $235,000 to $310,000 and includes a profit sharing based on company profitability. You will also receive a relocation stipend (if applicable) and signing bonus. Benefits Growth & Learning 100% tuition reimbursement Informal and formal mentorship Employee resource groups Health & Wellbeing Medical, dental, pharmacy, and vision plans with no monthly premiums Inclusive, all-gender benefits Family & Future Paid parental leave for all new parents Adoption and surrogacy assistance First-time home buyer assistance Industry-leading company-funded retirement accounts Time Off Paid vacation and personal time Equal Opportunity Employer We are proud to be an Equal Opportunity Employer and dedicated to providing employees a workplace with reasonable accommodations and free of discrimination, harassment, and retaliation. At McMaster-Carr, we do not make employment decisions based on age, ethnicity, citizenship status, military status, gender identity and expression, race, religion, disability status, marital status, sexual orientation, or any other legally protected group. This position is not eligible for work authorization sponsorship by McMaster-Carr. Data We Collect We may collect professional, education and employment-related data, and any assessments made throughout the recruiting process, to evaluate candidacy for employment. To communicate with job applicants, we may collect applicant names, contact information, and other personal identifiers, including those outlined in the California customer records statute. Through voluntary disclosure, we may also collect protected classifications under federal or California law (e.g., race, gender, etc.). For additional details about the personal information we collect and its uses, please click here .