Cybersecurity Engineer

About the Role

Kloeckner Metals Corporation (KMC) is seeking an experienced Senior Security Engineer who combines strong technical depth with an understanding of governance, risk, and operational realities across a distributed environment. You will own and advance core security capabilities for KMC, support USfocused regulatory and contractual requirements, and act as ahandsontechnical leader within the global security program.

• Continuously improve security controls across cloud (Azure/M365), on-prem, and hybrid environments
• Drive detection engineering, SIEM use-case development, log modernization, and security telemetry improvements
• Lead vulnerability management lifecycle: scanning, coordination, remediation oversight, and executive reporting
• Lead escalated incident response activities: forensics, containment, post incident reviews, and resilience measures
• Oversee endpoint security (Defender Suite), identity protection, secure configuration baselines, network segmentation, and hardened remote access

• Support US specific regulatory and contractual requirements (CMMC readiness where applicable, NIST 80053/171, CCPA)
• Maintain security standards, runbooks, and technical procedures for KMC operations
• Ensure alignment with global frameworks (CIS v8.1, ISO 27001, NIS2 informed policies where applicable)

• Perform technical assessments of third party vendors; support procurement with security input
• Lead or contribute to major security initiatives such as SIEM uplift, EDR optimization, IAM modernization, network security baseline, and MDM/secure mobility
• Collaborate with IT, operations, warehousing, and corporate functions to ensure secure-by-default designs
• Partner closely with IT Infrastructure teams to help them understand, assess, and oversee ongoing and upcoming infrastructure projects, ensuring that security requirements are embedded early and consistently

• Mentor junior team members and support the KMC local security champions network
• Provide security input to leadership and help translate technical risk into business impact language

• 5+ years in cybersecurity with hands on engineering responsibility
• Strong knowledge of cloud security (Azure/M365), endpoint security, identity protection, network security, logging & monitoring
• Strong understanding of SIEM (Sentinel), EDR/MDE, KQL, detection engineering
• Experience in incident response, forensics, and threat driven defense
• Relevant certifications preferred (CISSP, GIAC, AZ500, MS500, GCIA, GCIH)

Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.