Senior Cyber Security Engineer

  • Full-time
  • Shift: Day Shift
  • Position Type: Permanent

Company Description

Cornerstone Building Brands is the largest manufacturer of external building products in North America. Our comprehensive portfolio spans the breadth of the residential and commercial markets, while our expansive footprint enables us to serve customers and communities across North America. Our relentless focus on excellence combined with our outgoing commitment to innovation and R&D has driven us to become the #1 manufacturer of windows, vinyl siding, insulated metal panels, metal roofing and wall systems, and metal accessories. We believe every building we create, and every part of that building, positively contributes to communities where people live, work and play.

Job Description

Cornerstone is currently seeking a talented and motivated individual to join our organization and growing team as a Senior Cyber Security Engineer

The Senior Cyber Security Engineer will leverage their broad IT skills and cyber knowledge to ensure that alert thresholds are properly defined and acted upon; to support cyber incident response processes to identify root cause, action indicators of compromise and follow actions necessary to contain threats. They will learn and use tools and investigative methods to conduct computer and mobile cyber incident investigations to ensure compliance with corporate Information Security policies and all applicable laws and regulations.

Essential Duties:

  • Incident response
  • Using tools in Cornerstone’s cyber security portfolio – Identify, Detect, Protect and Respond to enterprise cyber weaknesses and vulnerabilities.
  • Monitor the company’s logs, and network traffic for activities including but not limited to policy violations, anomalistic behaviors, intrusions, etc.
  • Quarantine, block or apply counter measures to remediate or lessen risk of detected issues.
  • Analyze log files to determine security incident impact
  • Develop and implement remediation plan for identified cyber risks
  • Communicate with leadership and stake holders as per Communication Plan
  • Serve as an active member of Cornerstone cyber incident response teams.
  • Respond to information security requests, incidents, and assigned tickets
  • Vulnerability Management
  • Review cyber alerts for critical/high vulnerabilities on endpoints and initiate remediation plans
  • Review vulnerability management reports and initiate remediation plans
  • Risk Management
  • Recommend new entries for Cornerstone’s cyber security Risk Register, based on vulnerabilities identified
  • Ensures compliance with applicable statutes and regulations
  • Support Cornerstone legal hold and associated requests
  • Assist Director, Cyber Security with corporate risk assessment exercises and remediations thereof
  • Participate in disaster recovery and business continuity efforts
  • Execute authorized information security project and initiatives.
  • Keeps abreast of emerging cyber security tools and best practices
  • Projects as assigned

Qualifications

  • U.S. Citizen
  • Bachelor’s degree in Computer Science, Computer and Network Security, Engineering, Business, Information Systems, or related field, or the equivalent combination of education and related experience.
  • 3-5 years of Security Operations Center, Cyber Incident Response experience and forensic incident investigations
  • Work experience using Cyberark, Rapid7 or Tenable, and Splunk Cloud SIEM preferred
  • Experience setting priorities and solving complex problems in a fast-paced, customer-focused team environment.
  • Experience with computer security practices and procedures.
  • Ability to work in a dynamic, technical team environment with competing priorities and meet deadlines that are important to project success.
  • Experience with approaching difficult problems with enthusiasm and creativity, and to change focus when necessary.
  • Effective verbal and written communication skills necessary to collaborate in a team environment and document, present and explain technical information.
  • At least one professional computer certification (e.g., CISSP, OSCP, SANS Certification, Security+).
Privacy Policy