Cyber Security Engineer II
United States of America
Full Time
5 days ago
$102,000 - $153,000 USD
No H1B
Key skills
PowerShellAnalyticsAWSAzureLeadershipProject ManagementCommunicationPenetration TestingNetwork SecurityCloud Security
About this role
Johns Manville is a leading manufacturer and marketer of premium-quality insulation and commercial roofing. They are seeking a Senior Cyber Security Engineer to lead the design, implementation, and support of complex enterprise security initiatives across their global environment, focusing on securing enterprise infrastructure and improving cybersecurity maturity.
Responsibilities:
- Lead the design, implementation, and support of enterprise cybersecurity solutions and security architecture initiatives
- Conduct security research, evaluate emerging technologies, and recommend solutions to improve the organization’s security posture
- Design and implement security controls across enterprise infrastructure, cloud platforms, endpoints, identity systems, and manufacturing environments
- Develop and maintain secure configurations, security standards, and technical documentation
- Lead and support cybersecurity projects involving multiple business units, technical teams, vendors, and stakeholders
- Manage implementation of enterprise security technologies and security enhancement initiatives
- Coordinate project timelines, technical deliverables, testing, validation, and operational transition activities
- Support security integration efforts for cloud services, endpoint technologies, vulnerability management platforms, SIEM/SOAR solutions, and identity security initiatives
- Participate in planning and execution of security modernization and operational improvement projects
- Serve as a senior technical expert for enterprise cybersecurity operations and security technologies
- Administer, maintain, and optimize security platforms including: Cloud security technologies, Endpoint Detection and Response (EDR/XDR), Email security, Identity and access management, Data protection technologies, SIEM and SOAR platforms, Vulnerability management platforms, Threat intelligence integrations
- Develop, tune, and maintain advanced threat detections, correlation rules, analytics, dashboards, and automation workflows
- Utilize Kusto Query Language (KQL) to develop advanced threat hunting queries, detections, reporting, and security investigations within Microsoft Sentinel, Microsoft Defender, and related security platforms
- Develop and maintain SOAR playbooks and automation workflows to improve incident response efficiency and reduce manual operational tasks
- Perform advanced threat hunting and log analysis across cloud, endpoint, network, and identity environments
- Support secure cloud operations and security monitoring across platforms such as Microsoft Azure, Microsoft 365, AWS, and related enterprise technologies
- Lead vulnerability management initiatives across enterprise infrastructure, cloud services, servers, endpoints, applications, and operational technology environments
- Maintain in-depth knowledge and operational experience with vulnerability management and scanning platforms such as Tenable, Qualys, Rapid7, Defender Vulnerability Management, or equivalent technologies
- Coordinate vulnerability remediation efforts with infrastructure, server, networking, cloud, and application teams
- Analyze vulnerability data, prioritize remediation activities based on risk, and provide reporting to technical leadership and management
- Conduct security validation and support penetration testing coordination and remediation tracking activities
- Collaborate with infrastructure, engineering, cloud, networking, DevOps, and business teams to implement secure solutions and resolve security issues
- Provide technical mentorship, training, and guidance to cybersecurity engineers, analysts, and IT personnel
- Assist teams with secure deployment practices, incident troubleshooting, and operational security best practices
- Support development of operational procedures, standards, and security documentation
- Lead and support cybersecurity incident handling, investigation, containment, eradication, and recovery efforts
- Perform advanced forensic analysis and security investigations involving endpoints, cloud services, email systems, identity systems, and enterprise infrastructure
- Develop and maintain threat detections and response processes across SIEM, EDR/XDR, and cloud security platforms
- Analyze escalated security alerts and suspicious activity to identify malicious behavior and reduce false positives
- Create and maintain custom detection logic and security analytics to improve threat visibility and response capabilities
- Develop remediation plans and coordinate incident response activities with technical teams and leadership
- Prepare investigation findings, root cause analysis, and executive-level incident reporting documentation
- Utilize PowerShell scripting and automation to support investigations, security administration, reporting, and operational efficiency initiatives
Requirements:
- Bachelor's degree with a minimum of 7 years of IT experience, OR
- 7-10 years of overall IT experience with at least 7 years focused in cybersecurity/network security
- Expert-level experience supporting enterprise cybersecurity technologies and operations
- Advanced experience with SIEM and SOAR technologies, including security automation, orchestration, and incident response workflow development
- Strong experience utilizing KQL (Kusto Query Language) for threat hunting, analytics, detections, dashboards, and investigations
- Strong PowerShell scripting experience for automation, reporting, incident response, and systems administration tasks
- Deep understanding of incident response methodologies, threat detection engineering, and forensic analysis best practices
- In-depth experience with vulnerability management programs, vulnerability scanning platforms, remediation coordination, and risk prioritization processes
- Experience implementing and managing enterprise security technologies in cloud, hybrid, and on-premises environments
- Experience with Microsoft Sentinel, Microsoft Defender, CrowdStrike, Tenable, Qualys, Rapid7, or similar enterprise security platforms preferred
- Experience supporting cloud security operations and securing Microsoft 365, Azure, AWS, or hybrid enterprise environments
- Understanding of secure software development practices, DevOps/DevSecOps concepts, and application security principles preferred
- Experience with security monitoring, endpoint protection, identity security, email security, and data protection technologies
- Strong analytical, troubleshooting, communication, and project management skills
- Ability to handle sensitive and confidential information
- Ability to work independently and lead complex technical initiatives
- Participation in after-hours support and on-call rotation as required
- Moderate travel required (11–29 days annually), including occasional travel to manufacturing facilities and corporate locations
- CISSP
- GIAC Certification
- Microsoft Security Certifications
- Azure Security Certifications
- Or equivalent cybersecurity-related certifications