Cybersecurity Engineer SIEM, EDR, IDS/IPS
1 week ago
General Description:
We are seeking a highly skilled and motivated Cybersecurity Engineer to join our Enterprise Security Team. In this role, you will be responsible for safeguarding the organization's information systems, networks, and data from evolving security threats.
You will design, implement, and monitor security controls, investigate and respond to incidents, and ensure compliance with industry standards and regulatory requirements. Reporting to the Senior Manager, Enterprise Security, you will collaborate closely with IT teams, security leadership, and third-party partners to strengthen our security posture. This role also includes supporting the unique needs of our manufacturing and laboratory environments.
Essential Functions of the job:
- Design, deploy, and maintain security solutions to safeguard enterprise systems, networks, and applications.
- Monitor security alerts and events to detect and respond to threats in a timely manner.
- Investigate, analyze, and remediate security incidents, escalating when necessary.
- Collaborate with IT and business teams to ensure secure architecture and operations.
- Support manufacturing and lab environments with tailored security solutions.
- Ensure compliance with relevant security frameworks, policies, and regulations.
- Conduct risk assessments, recommend improvements, and drive implementation of best practices.
- Administer and optimize the SIEM platform for log management, alerting, and threat detection.
- Support and enhance OT security platforms, ensuring resilience and compliance across manufacturing and lab environments.
- Manage and monitor endpoint security using CrowdStrike (threat detection, prevention, and response).
- Oversee Qualys vulnerability management tools, performing regular scans, reporting, and remediation coordination.
- Produce and maintain security tool true-up metrics to ensure compliance, accuracy, and proper coverage across organizational servers and endpoints.
Supervisory Responsibilities:
- Provide technical guidance and mentorship to junior security engineers and analysts.
- Assist in prioritizing team workload and coordinating with cross-functional IT/security teams.
- Support the Senior Manager in implementing security initiatives and serve as the acting lead when required.
- Contribute to developing team standards, playbooks, and best practices.
Technical Skills: Proficient in security technologies such as SIEM, EDR, IDS/IPS, vulnerability management, and log analysis tools.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 7 to 10 years of proven experience in cybersecurity engineering, incident response, and security operations.
- Hands-on expertise in implementing and supporting SIEM platforms, OT security solutions, endpoint protection tools (e.g., CrowdStrike), and vulnerability management (e.g., Qualys).
- Solid understanding of threat modeling frameworks (e.g., Cyber Kill Chain, MITRE ATT&CK) and key compliance standards (e.g., NIST, ISO 27001), with the ability to apply them effectively in day-to-day security operations.
- Strong verbal and written communication skills for both technical and non-technical audiences.
- Familiarity with securing OT/ICS or lab/manufacturing environments is a plus.
- Relevant certifications such as CISSP, OSCP, or CEH.
- Ability to work in a fast-paced, dynamic environment, balancing multiple priorities.
- Commitment to continuous learning and staying updated on cybersecurity trends and technologies.
- Familiarity with scripting languages such as Python, PowerShell, or Bash to analyze security data, parse logs, and identify potential threats or anomalies during investigations.