Senior Cybersecurity Engineer

This is the base salary pay range that an applicant can expect to make upon hire.   Pay within this range will vary based upon relevant experience, skills, and education among other factors. In addition, this position is eligible for an incentive bonus. 

The Senior Cyber Security Engineer will lead the design, implement and support a variety of complex projects supporting enterprise security solutions for network infrastructure, engineering environments, manufacturing plant floor, and other areas of JM. 

This is a fully remote position, candidates must live within the US and be willing to travel to our corporate headquarters in Denver, CO on occasion.

Anticipated deadline to apply: 2/21/2025. This deadline is Johns Manville’s good faith estimate of when the application will close.  Johns Manville may extend the deadline and will update this posting promptly if it is extended.
 
Responsibilities:

• Architecture (10%): Lead security design efforts for critical security technologies.  Will complete research and recommend solutions in the area of responsibility.  

• Security Project Management (20%): Utilize project management skills to ensure timeliness and quality of security projects in area of responsibility.  Projects may be highly complex and involve multiple resources within JM. 

• Operational Security Management (30%): Senior most expert in security system management which includes technologies such as Cloud security, email security, data protection, endpoint security, Microsoft 365, and supporting tools used by the security team.  Specific areas of expertise may vary depending upon area of responsibility.  Lead Cyber Security Engineers are required to serve as the expert in multiple areas of expertise within the organization. 

• Technical Collaboration and Mentoring (10%): Works with business and technical peers to implement security systems, new technology, and incident troubleshooting.   Provides training and coaching for JM systems users.  Train and mentor security engineering personnel on security architecture, new technology, and incident troubleshooting. 

• Incident Handling (30%): Oversee security incident handling. Respond to security events and perform analysis on detected or escalated events.  Develop and coordinate remediation plans for incidents. Provide forensic analysis of security violations and report investigation details to management. Analysis may be complex in nature and this role may conduct investigations independently or may lead efforts of multiple security engineers depending upon the incident. 

Requirements:

• Bachelor’s degree, minimum of 8 years of IT experience OR
• 12 years overall IT experience 7 years of which are in cyber/network security with two or more of the following certifications: CISSP, ENCE, SANS GIAC, Cisco CCSP, CISM or an applicable certification related to cyber/network security, or completion of a Masters Degree in Cyber/Network Security
• Expert level experience in security technologies for areas of responsibility which may require a mixture of skills in areas such as 

• Email protection 

• Cloud Security 

• Endpoint management, deployment and security 

• Threat management 

• Vulnerability and penetration management 

• Data Protection 

• Insider threat management 

• Identity Management 

• Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) 

• Expert skills in Incident Response best practices, processes, procedures and technologies. 

• Expert knowledge and experience with forensic best practices 

• Understanding of web application design, function and secure software development lifecycles preferred. 

• Remote and Hybrid work positions require a secure working environment and the ability to effectively engage peers and customers within the organization 

• Will be on call and will work after hours as needed 

• Ability to handle sensitive and confidential information 

• Moderate travel required 11 to 29 days per year 
• Work environment is typical of an office setting, however, must be able to travel to manufacturing facilities globally for projects. 

*Note: Willing to consider someone with the following experience

• Bachelor’s degree, minimum of 5 years of IT experience OR
• 8 overall IT experience 6 years of which is in cyber/network security experience with one or more of the following certifications: CISSP, ENCE, SANS GIAC, Cisco CCSP, CISM or an applicable certification related to cyber/network security
• They would come in at a Cyber Security Engineer II and the yearly salary range is the following: 97,000- 125,000)

Please Keep in Mind

If you do not meet 100% of these requirements, we at JM still want to hear from you. So, if you are interested in the role, we encourage you to apply so we can learn how your skills and talents can contribute to our team.

Benefits

Johns Manville (JM) offers a wide range of benefits to employees. Some are subsidized by the company and others are fully employee-paid. Health benefits include a choice of comprehensive medical plans, a dental plan, vision plan, wellness program and critical illness insurance. JM sponsors a 401(k) plan which includes a sizeable company match. JM offers paid vacation and also provides paid sick and parental leave for eligible employees.

Additionally, Johns Manville provides basic life Insurance, short-term and long-term disability coverage, an employee assistance program, and business travel accident coverage. Supplemental life insurance and accidental death and dismemberment insurance are available as well. The company also offers a variety of tax saving accounts; health spending account, traditional flexible spending account, and a dependent care spending account. JM also offers a tuition reimbursement program for undergraduate and certain graduate programs.

Diversity & Inclusion

Johns Manville believes diversity and inclusion in our workplace is critical for the long-term success of our company. We are committed to retaining, developing and attracting a diverse workforce that fosters an inclusive work environment in which all employees are treated with dignity and respect. This is the right thing to do for our employees, our company and our communities. Our D&I council is composed of employees from locations across North American & Europe who meet regularly and work to promote and foster an environment of inclusion. Born from our D&I council is our network of employee resource groups (ERGs) that are focused on supporting diverse communities in the workplace. Review more about our diversity & inclusion initiatives on JM’s Career page.

Incumbent must be physically able to perform essential job functions. Reasonable accommodations may be made to enable individuals with disabilities to perform essential job functions.

We are proud to be an Equal Opportunity/Affirmative Action employer. We maintain a drug-free workplace and perform pre-employment substance abuse testing.