Senior Cybersecurity Engineer

About The Position

Requirements

• 8+ years of progressive experience in cybersecurity, information security engineering, or related roles
• Demonstrated experience leading incident response and security investigations in an enterprise environment
• Strong knowledge of security frameworks such as NIST, CIS, or ISO, with the ability to apply them pragmatically
• Hands‑on experience with enterprise security tools (SIEM, EDR, identity security, vulnerability management)
• Proven ability to communicate complex security topics clearly to executives and non‑technical stakeholders
• High degree of integrity, discretion, and sound judgment when handling sensitive information

Nice To Haves

• Experience securing hybrid environments (on‑premises and cloud)
• Familiarity with Microsoft 365 E5 security capabilities (Defender, Sentinel, Purview, Entra ID)
• Strong foundation in core networking concepts, including TCP/IP, routing, switching, firewalls, VLANs, and network segmentation
• Familiarity with OT or industrial network environments and the unique security, availability, and safety considerations they introduce
• Relevant certifications (CISSP, CISM, GIAC, or similar)

Responsibilities

• Establish, maintain, and continuously improve Hampton Lumber’s cybersecurity policies, standards, and controls across all affiliate companies, aligned with business risk and operational realities.
• Translate cybersecurity frameworks (e.g., NIST, CIS) into practical, actionable controls appropriate for Hampton’s environment.
• Partner with the CIO to define multi‑year security roadmaps, priorities, and investment recommendations
• Serve as the technical lead for cybersecurity incident response, including detection, containment, eradication, recovery, and post‑incident analysis.
• Lead and coordinate security investigations, including forensic analysis, evidence collection, and root cause determination
• Act as Hampton’s primary security liaison with external partners such as MSSPs, vendors, insurers, and legal counsel during incidents
• Produce clear executive‑level incident briefings and post‑incident reports with actionable recommendations
• Design, implement, and operate security controls across identity, endpoint, email, network, and cloud environments
• Own and continuously improve Hampton’s security monitoring and detection capabilities (e.g., SIEM, EDR, threat intelligence)
• Drive vulnerability management, secure configuration baselines, and security hardening across enterprise systems
• Partner with Infrastructure, Service Desk, and Application teams to embed security into daily operations and projects
• Conduct and maintain ongoing security risk assessments across Hampton and affiliate environments
• Support internal and external audits by maintaining security documentation, evidence, and control mappings
• Ensure security practices align with legal, regulatory, and contractual obligations
• Provide security leadership and mentorship to IT team members, raising the overall security maturity of the organization
• Collaborate with executive leadership, affiliate IT leaders, and business stakeholders to align security with business objectives
• Promote a strong security culture that aligns with Hampton’s broader focus on safety, accountability, and operational excellence

Benefits

• Substantial company-paid assistance for Medical and Dental insurance premiums; mental health coverage; cost effective co-pays and deductibles
• 401(k) with 5% annual company contribution and generous company matching contributions vested over three years
• Paid time off, including eight paid holidays
• Opportunity to earn bonuses
• Employee wellness program that includes free counseling sessions, financial and legal guidance, and more
• Opportunities for paid training to support career advancement and personal development