Cybersecurity Engineer

We are seeking a skilled Cybersecurity Engineer to design, implement, and manage a robust security architecture that protects our global digital assets. As a key member of our technology team, you will be responsible for safeguarding our global infrastructure, ensuring a unified and resilient security posture in a multi-region environment. The ideal candidate possesses a deep technical understanding of network security, cloud-native defense, and incident response, paired with the ability to navigate the complexities of international regulatory frameworks.

1. Global Network Security Architecture: Collaborate with System Engineering to design, deploy, and optimize the Next-Generation Firewall (NGFW) stack across all domestic and international locations. Ensure consistent application-level security and high-performance connectivity while maintaining global configuration standards to prevent unauthorized access.

2. Advanced Threat Monitoring & Response: Act as the primary technical partner for Managed Detection and Response (MDR) teams to triage and remediate high-priority security alerts. Proactively manage internal security sensors and telemetry to identify lateral movement, ensuring rapid containment of potential threats within the distributed network.

3. Unified Visibility: Utilize an Attack Surface Manager as the "source of truth" to identify unmanaged assets and ensure 100% coverage of security agents.

4. Endpoint and Server Updates/Patching: Monitor, manage and patch devices and servers across the organization.

5. Threat Intelligence & Tactical Response: Perform routine cybersecurity analysis and incident response to mitigate emerging threats. Provide technical support for infrastructure-related initiatives and maintain operational readiness by handling escalated security events and performing ad-hoc defensive duties.

6. Extended Detection and Response Correlation: Maintain the XDR environment, correlating telemetry from endpoints, servers, and Next Generation Firewall security events to identify complex attack patterns.

7. Remediation: Lead technical remediation efforts following security anomalies, ensuring the "Recover" phase as part of the compliance requirements.

8. Identity Management: Administer Identity tools, including Conditional Access policies, Privileged Identity Management, two step verification and multi factor authentication.

9. Secure Enclave Access: Plan and coordinate Role Based Access Controls for the Secure Enclave, ensuring identity lifecycles follow the principle of least privilege.

10. Security Framework & Regulatory Compliance: Lead the technical implementation of security controls based on the NIST CSF and NIST 800-53 standards. Collaborate with the CyberSecurity Manager to ensure international data sovereignty and security requirements-specifically NIS2 and GDPR-are met. Manage the lifecycle of technical evidence and logs required for internal and external regulatory audits.

11. Documentation: Maintain high-quality Standard Operating Procedures for Information Technology Security and Cyber Security.

Subject Matter Expertise: Direct experience with Industry Standards tied to network security operations and architectures.

Asset Intelligence: Hands on experience with cyber asset attack surface management.

Cloud & Hybrid Identity: Deep technical understanding of Identity Access Management and hybrid security infrastructure troubleshooting.

Analytical Thinking: Ability to interpret complex telemetry and correlate findings with compliance standards.

Confidentiality: Maintaining absolute confidentiality of all investigative data and processed information.

Cloud & Hybrid Infrastructure: deep understanding of technologies associated with an enterprise infrastructure to include "On-Prem and Cloud".

Regularly required to walk, communicate, see, sit, and use hands. Ability to travel domestically and internationally as required.

REQUIRED:Bachelor's degree in Cyber Security, Computer Science, Computer Engineering, Information Systems, or a related discipline (OR two additional years of direct work experience in lieu of a degree). Three years or more of experience in a professional cyber security environment. Hands-on experience supporting a security stack in a hybrid enterprise IT environment.

All applicants must be a 'U.S. Person' as defined by 22 C.F.R. * 120.62

PREFERRED: Certifications: CISSP (Certified Information Systems Security Professional), Security+, CySA+, or SSCP.

Working experience in a global and/or manufacturing company. Strong understanding of the 8 domains of the CISSP Common Body of Knowledge (CBK) as they apply to enterprise operations.