Sr. Security Engineer

The Greenbrier Companies, Lake Oswego, OR
2d, Onsite

About The Position

At Greenbrier, we do the hard work that matters. The Greenbrier Companies (NYSE:GBX) is powering the movement of products around the world as a leading designer, manufacturer and supplier of freight rail transportation equipment and services. Greenbrier’s heritage of hard work and industrial innovation is celebrated at every level of our organization. We structure our business to support teams that deliver innovative solutions for our customers while positively impacting the world around us. Greenbrier’s success begins with people. We believe in supporting our global workforce through our unwavering attention to Safety, Quality, Respect for People and Customer Satisfaction. Our Inclusion, Diversity, Engagement, Access and Leadership (IDEAL) commitment is rooted in these values, which lead to a culture where employees are engaged and feel good about coming to work every day.

Summary

The Senior Security Engineer leads and advances enterprise security programs across endpoint detection and response, vulnerability management, cloud security, and incident response. This role leverages the Microsoft security ecosystem to protect a large, global environment and serves as a technical leader and mentor within the security team.

Requirements

  • 5+ years of hands-on experience in enterprise cybersecurity engineering or security operations.
  • Deep expertise with Microsoft Defender for Endpoint (MDE), Intune, and the broader Microsoft 365 Defender suite, or comparable enterprise solutions.
  • Demonstrated experience leading or significantly contributing to enterprise vulnerability management programs.
  • Proficiency with KQL for threat hunting, detection engineering, and security analytics.
  • Strong experience with Azure security, including familiarity with CIS Benchmarks, MCSB, Azure IAM, and Azure Security Center/Defender for Cloud.
  • Experience with ServiceNow (VR or SecOps) or comparable ITSM/ticketing platforms.
  • Proven ability to work independently, manage multiple initiatives, and drive programs to completion in complex enterprise environments.
  • Excellent written and verbal communication skills, with the ability to translate technical findings for non-technical audiences.

Nice To Haves

  • Microsoft certifications such as AZ-500 (Azure Security Engineer Associate) or SC-200 (Security Operations Analyst).
  • Experience with additional EDR platforms such as SentinelOne, Carbon Black, or Tanium.
  • Familiarity with Rapid7 or comparable vulnerability scanning platforms.
  • Scripting or automation experience, particularly PowerShell or KQL-based automation workflows.
  • Relevant certifications such as CompTIA Security+, CISA, or CISSP.
  • Experience with OT/ICS security environments.
  • Background in security program management, process design, or Lean Six Sigma methodologies.
  • Prior military service or experience holding a U.S. security clearance.

Responsibilities

Endpoint Detection & Response (MDR/EDR)

  • Manage and optimize the enterprise Microsoft Defender for Endpoint (MDE) deployment across a large global endpoint fleet.
  • Develop and maintain baseline security policies, Attack Surface Reduction (ASR) rules, and asset tagging strategies within MDE and Microsoft Intune.
  • Drive MDR operations including alert triage, threat hunting using KQL advanced hunting queries, and continuous improvement of detection coverage.
  • Evaluate, integrate, or retire supplementary EDR/AV tooling to ensure a cohesive, effective endpoint protection program.

Vulnerability Management

  • Own the enterprise vulnerability management program end-to-end, from scanning and prioritization through remediation tracking and reporting.
  • Integrate vulnerability data with ServiceNow VR or equivalent ITSM platforms to drive structured remediation workflows.
  • Build and maintain operational and executive dashboards that communicate risk posture and remediation progress to stakeholders.
  • Collaborate with IT and engineering teams to achieve and sustain critical and high vulnerability compliance targets.

Incident Response & Security Operations

  • Act as a senior contributor during cyber incident response, serving in roles including incident lead, SOC analyst, and threat intelligence.
  • Conduct ongoing security investigations, manage tickets, and provide on-call after-hours incident support as needed.
  • Leverage Microsoft Sentinel and MDE for detection engineering, SIEM tuning, and security operations workflow improvements.
  • Contribute to the development and maintenance of IR playbooks, runbooks, and lessons-learned documentation.

Cloud Security (Azure)

  • Assess and improve Azure security posture by maintaining alignment to CIS Benchmarks and Microsoft Cloud Security Benchmark (MCSB).
  • Monitor and drive improvements to Azure Secure Score, establishing regular reporting and remediation cadences with stakeholders.
  • Support Azure IAM governance, including reviewing role assignments, enforcing least-privilege principles, and remediating over-permissioned identities.
  • Collaborate with cloud and infrastructure teams on secure Azure Landing Zone design and control implementation.

Software Security & Governance

  • Lead software security review processes, assessing new and existing software for risk, reputation, and vulnerability exposure.
  • Build and maintain automated investigation workflows using MDE advanced hunting and other tools to accelerate software approval decisions.
  • Author and maintain enterprise security assessment playbooks and standards to ensure consistent, repeatable review processes.

Leadership & Collaboration

  • Function as a de facto technical project manager for enterprise security initiatives, coordinating across IT, engineering, compliance, and business stakeholders.
  • Mentor junior engineers, analysts, and interns, supporting their growth and progression into security careers.
  • Effectively communicate security risk and program status to both technical peers and executive leadership.
  • Work with outside partners and vendors and manage those relationships to accomplish goals, holding outside partners to SLAs and standards of work.