Jobs · Information Technology · Texas

Lead, Cyber Security Engineer

W.W.Williams · Irving, TX · 3 wk ago
Information TechnologyFull-time

Job Duties

  • Own, evolve, and communicate the WW Williams Cyber Security roadmap aligned to NIST CSF (Identify, Protect, Detect, Respond, Recover) functions.
  • Establish, document, and track security KPIs and KRIs to measure baseline performance, quantify risk reduction, and demonstrate continuous improvement to executive stakeholders.
  • Develop and maintain security policies, standards, and procedures in alignment with regulatory requirements and industry frameworks (NIST 800-53, CIS Controls).
  • Lead periodic cyber security maturity assessments; produce gap analyses with prioritized remediation roadmaps.
  • Manage relationships with MSSPs, vendors, and third-party assessors; conduct vendor security reviews.
  • Develop and implement threat detection strategies, including correlation rules and playbooks to minimize MTTD and MTTR.
  • Lead incident response activities including containment, eradication, forensic investigation, and post-incident review (PIR).
  • Maintain threat intelligence feeds; translate threat actor TTPs (MITRE ATT&CK) into actionable defensive controls.
  • Conduct adversarial simulation exercises (purple team / tabletop) to validate detection and response capabilities.
  • Administer and optimize advanced endpoint detection and response (EDR/XDR) platforms; enforce next-generation antivirus (NGAV) and behavioral anomaly detection policies.
  • Manage Field Effect Covalence (MDR) or equivalent managed detection and response solution; triage and act on platform alerts in concert with the SOC.
  • Oversee network security architecture including firewall rule-set management, IDS/IPS tuning, micro-segmentation, and zero-trust network access (ZTNA) initiatives.
  • Govern cloud security posture (CSPM) across Azure/AWS/GCP environments; enforce least-privilege IAM, secrets management, and cloud-native security controls.
  • Administer the KnowBe4 Security Awareness Training & Simulated Phishing platform; design targeted campaigns, track click-rate metrics, and report on risk reduction over time.
  • Drive a measurable reduction in human-layer risk through role-based training curricula, phishing simulations, and coaching for repeat offenders.
  • Serve as the internal security advocate; communicate risk in business terms to non-technical audiences including C-suite and field operations.
  • Own the full vulnerability management lifecycle: scan, prioritize (CVSS + business context), remediate, and verify closure within SLA.
  • Manage patch management cadences across servers, endpoints, OT/IoT-adjacent systems, and network devices.
  • Champion secure-by-design principles; conduct security design reviews and code-level assessments for internally developed applications.
  • Maintain a risk register and communicate residual risk posture to leadership on a regular cadence.
  • Govern privileged access management (PAM), MFA enforcement, and identity lifecycle processes in Active Directory / Azure AD / Entra ID.
  • Implement and maintain data loss prevention (DLP) controls; classify and protect sensitive business data across storage, transit, and endpoint.
  • Oversee email security stack (anti-phishing, DMARC/DKIM/SPF, secure email gateway) and web proxy / DNS filtering.

Work Experience And Required Qualifications

  • 8–10+ years of progressive, hands-on cyber security engineering experience in enterprise environments.
  • Demonstrated experience building or maturing a security program against a recognized framework (NIST CSF, NIST 800-53, CIS Controls, or ISO 27001).
  • Proven ability to define security baselines, measure current-state maturity, and track improvement over time using quantitative metrics.
  • Hands-on experience with KnowBe4 (administration, campaign design, reporting).
  • Hands-on experience with Field Effect Covalence, CrowdStrike Falcon, SentinelOne, Microsoft Defender XDR, or comparable MDR/XDR solutions.
  • Strong working knowledge of SIEM platforms (Microsoft Sentinel, Splunk, or equivalent); ability to write detection rules and build dashboards.
  • Strong understanding of network security principles: firewalls, IDS/IPS, NAC, VPN, ZTNA, and network traffic analysis.
  • Experience managing vulnerability scanners (Tenable Nessus / Security Center, Qualys, or Rapid7 InsightVM).
  • Proficiency with cloud security in at least one major cloud provider (Azure preferred); understanding of shared-responsibility model and CSPM tools.
  • Strong written and verbal communication skills; able to produce board-ready risk reports and technical runbooks alike.

Preferred Qualifications

  • CISSP, CISM, or GIAC certifications (GCIA, GCIH, GPEN).
  • Scripting/automation skills (Python, PowerShell, KQL).
  • Familiarity with OT/ICS security considerations.
  • Purple team / adversary emulation experience (MITRE ATT&CK).
  • PAM tooling (CyberArk, BeyondTrust, or Delinea).
  • SOX 2 Type II, CMMC, or PCI-DSS compliance exposure.

Similar jobs

Cybersecurity Engineer, Lead

Independence Pet GroupChicago, IL· 2 mo ago
Information Technologyapply on independencepetgroup.wd12.myworkdayjobs.com

Lead Cybersecurity Engineer

Ritchie Bros.Westchester, IL· 6 days ago
Information Technologyapply on fa-exew-saasfaprod1.fa.ocs.oraclecloud.com