Cyber Security Engineer II in Remote, Oregon at Johns Manville Corp - Berkshire Hathaway

Cyber Security Engineer II
Work From Home (Remote) US
R26_0880
Full time
$101,900.00-$152,900.00 Annual

This is the base salary pay range that an applicant can expect to make upon hire. Pay within this range will vary based upon relevant experience, skills, and education among other factors. In addition, this position is eligible for an incentive bonus.

The Senior Cyber Security Engineer will lead the design, implementation, administration, and support of complex enterprise security initiatives across Johns Manville’s global environment. This role is responsible for securing enterprise infrastructure, cloud environments, engineering systems, manufacturing plant floor operations, and critical business technologies through advanced security engineering, operational security management, incident response, and security architecture activities.

The ideal candidate will possess deep technical expertise in cloud security, SIEM/SOAR technologies, vulnerability management, incident response, detection engineering, and security automation, along with strong project leadership and collaboration skills. This position plays a critical role in advancing the organization’s cybersecurity maturity, improving threat visibility, reducing operational risk, and supporting business continuity.

This is a remote/hybrid position. Candidates must reside within the United States and be willing to travel occasionally to the corporate headquarters in Denver, CO and other JM facilities as required.

Responsibilities

Security Architecture and Engineering (10%)

• Lead the design, implementation, and support of enterprise cybersecurity solutions and security architecture initiatives.
• Conduct security research, evaluate emerging technologies, and recommend solutions to improve the organization’s security posture.
• Design and implement security controls across enterprise infrastructure, cloud platforms, endpoints, identity systems, and manufacturing environments.
• Develop and maintain secure configurations, security standards, and technical documentation.

Security Project Management and Implementation (10%)

• Lead and support cybersecurity projects involving multiple business units, technical teams, vendors, and stakeholders.
• Manage implementation of enterprise security technologies and security enhancement initiatives.
• Coordinate project timelines, technical deliverables, testing, validation, and operational transition activities.
• Support security integration efforts for cloud services, endpoint technologies, vulnerability management platforms, SIEM/SOAR solutions, and identity security initiatives.
• Participate in planning and execution of security modernization and operational improvement projects.

Operational Security Management (30%)

• Serve as a senior technical expert for enterprise cybersecurity operations and security technologies.
• Administer, maintain, and optimize security platforms including:
  • Cloud security technologies
  • Endpoint Detection and Response (EDR/XDR)
  • Email security
  • Identity and access management
  • Data protection technologies
  • SIEM and SOAR platforms
  • Vulnerability management platforms
  • Threat intelligence integrations
• Develop, tune, and maintain advanced threat detections, correlation rules, analytics, dashboards, and automation workflows.
• Utilize Kusto Query Language (KQL) to develop advanced threat hunting queries, detections, reporting, and security investigations within Microsoft Sentinel, Microsoft Defender, and related security platforms.
• Develop and maintain SOAR playbooks and automation workflows to improve incident response efficiency and reduce manual operational tasks.
• Perform advanced threat hunting and log analysis across cloud, endpoint, network, and identity environments.
• Support secure cloud operations and security monitoring across platforms such as Microsoft Azure, Microsoft 365, AWS, and related enterprise technologies.

Vulnerability Management and Risk Reduction (15%)

• Lead vulnerability management initiatives across enterprise infrastructure, cloud services, servers, endpoints, applications, and operational technology environments.
• Maintain in-depth knowledge and operational experience with vulnerability management and scanning platforms such as Tenable, Qualys, Rapid7, Defender Vulnerability Management, or equivalent technologies.
• Coordinate vulnerability remediation efforts with infrastructure, server, networking, cloud, and application teams.
• Analyze vulnerability data, prioritize remediation activities based on risk, and provide reporting to technical leadership and management.
• Conduct security validation and support penetration testing coordination and remediation tracking activities.

Technical Collaboration and Mentoring (5%)

• Collaborate with infrastructure, engineering, cloud, networking, DevOps, and business teams to implement secure solutions and resolve security issues.
• Provide technical mentorship, training, and guidance to cybersecurity engineers, analysts, and IT personnel.
• Assist teams with secure deployment practices, incident troubleshooting, and operational security best practices.
• Support development of operational procedures, standards, and security documentation.

Incident Response, Detection Engineering, and Forensics (30%)

• Lead and support cybersecurity incident handling, investigation, containment, eradication, and recovery efforts.
• Perform advanced forensic analysis and security investigations involving endpoints, cloud services, email systems, identity systems, and enterprise infrastructure.
• Develop and maintain threat detections and response processes across SIEM, EDR/XDR, and cloud security platforms.
• Analyze escalated security alerts and suspicious activity to identify malicious behavior and reduce false positives.
• Create and maintain custom detection logic and security analytics to improve threat visibility and response capabilities.
• Develop remediation plans and coordinate incident response activities with technical teams and leadership.
• Prepare investigation findings, root cause analysis, and executive-level incident reporting documentation.
• Utilize PowerShell scripting and automation to support investigations, security administration, reporting, and operational efficiency initiatives.

Requirements

• Bachelor’s degree with a minimum of 7 years of IT experience, OR
• 7-10 years of overall IT experience with at least 7 years focused in cybersecurity/network security.

Additionally, candidates should possess two or more of the following certifications:

• CISSP
• GIAC Certification
• Microsoft Security Certifications
• Azure Security Certifications
• Or equivalent cybersecurity-related certifications

A Master’s degree in Cybersecurity, Information Security, Computer Science, or related field may be considered in lieu of some experience requirements.

Required Technical Skills and Experience

• Expert-level experience supporting enterprise cybersecurity technologies and operations.
• Advanced experience with SIEM and SOAR technologies, including security automation, orchestration, and incident response workflow development.
• Strong experience utilizing KQL (Kusto Query Language) for threat hunting, analytics, detections, dashboards, and investigations.
• Strong PowerShell scripting experience for automation, reporting, incident response, and systems administration tasks.
• Deep understanding of incident response methodologies, threat detection engineering, and forensic analysis best practices.
• In-depth experience with vulnerability management programs, vulnerability scanning platforms, remediation coordination, and risk prioritization processes.
• Experience implementing and managing enterprise security technologies in cloud, hybrid, and on-premises environments.
• Experience with Microsoft Sentinel, Microsoft Defender, CrowdStrike, Tenable, Qualys, Rapid7, or similar enterprise security platforms preferred.
• Experience supporting cloud security operations and securing Microsoft 365, Azure, AWS, or hybrid enterprise environments.
• Understanding of secure software development practices, DevOps/DevSecOps concepts, and application security principles preferred.
• Experience with security monitoring, endpoint protection, identity security, email security, and data protection technologies.
• Strong analytical, troubleshooting, communication, and project management skills.

Additional Requirements

• Ability to handle sensitive and confidential information.
• Ability to work independently and lead complex technical initiatives.
• Participation in after-hours support and on-call rotation as required.
• Moderate travel required (11–29 days annually), including occasional travel to manufacturing facilities and corporate locations.
• Remote and hybrid work candidates must maintain a secure working environment and effectively collaborate with distributed teams.

#LI-DNI

Please Keep in Mind

If you do not meet 100% of these requirements, we at JM still want to hear from you. So, if you are interested in the role, we encourage you to apply so we can learn how your skills and talents can contribute to our team.

Benefits

Johns Manville (JM) offers a wide range of benefits to employees. Some are subsidized by the company and others are fully employee-paid. Health benefits include a choice of comprehensive medical plans, a dental plan, vision plan, wellness program and critical illness insurance. JM sponsors a 401(k) plan which includes a sizeable company match. JM offers paid vacation and also provides paid sick and parental leave for eligible employees.

Additionally, Johns Manville provides basic life Insurance, short-term and long-term disability coverage, an employee assistance program, and business travel accident coverage. Supplemental life insurance and accidental death and dismemberment insurance are available as well. The company also offers a variety of tax saving accounts; health spending account, traditional flexible spending account, and a dependent care spending account. JM also offers a tuition reimbursement program for undergraduate and certain graduate programs.

Johns Manville supports employee growth with vast educational opportunities and a company-wide mentoring program. This program pairs employees and leaders to grow skills, build stronger internal networks and strengthen the company’s succession planning process. Johns Manville also offers soft and hard skills training facilitated by internal and external presenters. Our talent management team prioritizes the holistic growth of our workforce.

Diversity & Inclusion

Johns Manville believes diversity and inclusion in our workplace is critical for the long-term success of our company. We are committed to retaining, developing and attracting a diverse workforce that fosters an inclusive work environment in which all employees are treated with dignity and respect. This is the right thing to do for our employees, our company and our communities.

Incumbent must be physically able to perform essential job functions. Reasonable accommodations may be made to enable individuals with disabilities to perform essential job functions.

We are proud to be an Equal Opportunity/Affirmative Action employer. We maintain a drug-free workplace and perform pre-employment substance abuse testing.

About Us