Sr. Security Engineer

At Greenbrier, we do the hard work that matters. The Greenbrier Companies (NYSE:

GBX) is powering the movement of products around the world as a leading designer, manufacturer and supplier of freight rail transportation equipment and services.

Greenbrier’s heritage of hard work and industrial innovation is celebrated at every level of our organization. We structure our business to support teams that deliver innovative solutions for our customers while positively impacting the world around us.

Greenbrier’s success begins with people. We believe in supporting our global workforce through our unwavering attention to Safety, Quality, Respect for People and Customer Satisfaction. Our Inclusion, Diversity, Engagement, Access and Leadership (IDEAL) commitment is rooted in these values, which lead to a culture where employees are engaged and feel good about coming to work every day.

The Senior Security Engineer leads and advances enterprise security programs across endpoint detection and response, vulnerability management, cloud security, and incident response. This role leverages the Microsoft security ecosystem to protect a large, global environment and serves as a technical leader and mentor within the security team.

To perform this job successfully an individual must be able to perform the following essential duties satisfactorily. Other duties may be assigned to address business needs and changing business practices.

• Manage and optimize the enterprise Microsoft Defender for Endpoint (MDE) deployment across a large global endpoint fleet.
• Develop and maintain baseline security policies, Attack Surface Reduction (ASR) rules, and asset tagging strategies within MDE and Microsoft Intune.
• Drive MDR operations including alert triage, threat hunting using KQL advanced hunting queries, and continuous improvement of detection coverage.
• Evaluate, integrate, or retire supplementary EDR/AV tooling to ensure a cohesive, effective endpoint protection program.

• Own the enterprise vulnerability management program end-to-end, from scanning and prioritization through remediation tracking and reporting.
• Integrate vulnerability data with Service Now VR or equivalent ITSM platforms to drive structured remediation workflows.
• Build and maintain operational and executive dashboards that communicate risk posture and remediation progress to stakeholders.
• Collaborate with IT and engineering teams to achieve and sustain critical and high vulnerability compliance targets.

• Act as a senior contributor during cyber incident response, serving in roles including incident lead, SOC analyst, and threat intelligence.
• Conduct ongoing security investigations, manage tickets, and provide on-call after-hours incident support as needed.
• Leverage Microsoft Sentinel and MDE for detection engineering, SIEM tuning, and security operations workflow improvements.
• Contribute to the development and maintenance of IR playbooks, runbooks, and lessons‑learned documentation.

• Assess and improve Azure security posture by maintaining alignment to CIS Benchmarks and Microsoft Cloud Security Benchmark (MCSB).
• Monitor and drive improvements to Azure Secure Score, establishing regular reporting and remediation cadences with stakeholders.
• Support Azure IAM governance, including reviewing role assignments, enforcing least‑privilege principles, and remediating over‑permissioned identities.
• Collaborate with cloud and infrastructure teams on secure Azure Landing Zone design and control implementation.

• Lead software security review processes, assessing new and existing software for risk, reputation, and vulnerability exposure.
• Build and maintain automated investigation workflows using MDE advanced hunting and other tools to accelerate software approval decisions.
• Author and maintain enterprise security assessment playbooks and standards to ensure consistent, repeatable review processes.

• Function as a de facto technical project manager for enterprise security initiatives,…