• Conduct in-depth analysis of security alerts to identify and respond to security incidents in real-time.
• Perform comprehensive vulnerability assessments, prioritize findings, and collaborate with IT teams to ensure timely remediation.
• Triaging email specific threats including messages that have been quarantined by automated processes
• Participate in and analyze the results of penetration tests to identify security gaps and recommend improvements.
• Implement and maintain security controls to ensure compliance with frameworks such as NIST CSF, NIST 800-171, and CMMC.
• Engage in proactive threat hunting to uncover hidden threats within the network.
• Analyze threat intelligence feeds to understand adversary tactics and enhance defensive measures.
• Lead and coordinate the response to major security incidents, from detection through post-incident analysis.
• Design and oversee the enterprise vulnerability management program, including policy, scanning, and remediation strategy.
• Plan and manage penetration testing and red team exercises to rigorously test security defenses.
• Ensure and validate organizational compliance with standards like CMMC Level 2, NIST CSF, and NIST 800-171, often leading audit-readiness activities.
• Develop and implement advanced threat hunting strategies based on threat intelligence.
• Manage the threat intelligence lifecycle, from collection and analysis to dissemination of actionable reports to leadership.
• Architect and optimize security toolsets, including SIEM rules and SOAR playbooks.
• Mentor mid-level and junior analysts, providing technical leadership and guidance.

MINIMUM REQUIREMENTS

• You hold a Bachelor’s degree in Cybersecurity, Computer Science, or a related discipline.
• You have at least five (5) years of progressive experience in cybersecurity, with demonstrated expertise in incident response, vulnerability management, and compliance.
• You have Expert-level knowledge of SIEM platforms, security orchestration, and advanced security tools.
• You have a deep understanding of the technical and procedural requirements of NIST and CMMC frameworks.
• You have proven experience leading forensic investigations and managing complex security projects.
• You have strong communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.

ADDITIONAL DESIRED/PREFERRED QUALIFICATIONS

• You have advanced certifications such as CISSP, CISM, or GIAC (GCIH, GCFA).
• You have experience with security architecture, DevSecOps practices, and cloud-native security tools.
• You have knowledge of malware reverse engineering and advanced threat actor tactics.
• You have experience in Governance, Risk, and Compliance (GRC) role.
• You have a background in a manufacturing or technology industry with specific regulatory demands.
• You have experience with email security, specifically as it relates to Business Email Compromise.
• You have practical knowledge of emerging technology risks, such as in AI/ML and IoT security.