About the Role
Kloeckner Metals Corporation (KMC) is seeking an experienced Senior Security Engineer who combines strong technical depth with an understanding of governance, risk, and operational realities across a distributed environment. You will own and advance core security capabilities for KMC, support US-focused regulatory and contractual requirements, and act as a hands-on technical leader within the global security program.
Key Responsibilities
Technical Security
• Continuously improve security controls across cloud (Azure/M365), on-prem, and hybrid environments • Drive detection engineering, SIEM use-case development, log modernization, and security telemetry improvements • Lead vulnerability management lifecycle: scanning, coordination, remediation oversight, and executive reporting • Lead escalated incident response activities: forensics, containment, post-incident reviews, and resilience measures • Oversee endpoint security (Defender Suite), identity protection, secure configuration baselines, network segmentation, and hardened remote access
Security Governance & Compliance
• Support US-specific regulatory and contractual requirements (CMMC readiness where applicable, NIST 80053/171, CCPA) • Maintain security standards, runbooks, and technical procedures for KMC operations • Ensure alignment with global frameworks (CIS v8.1, ISO 27001, NIS2) informed policies where applicable
Risk, Vendor & Project Enablement
• Perform technical assessments of third-party vendors; support procurement with security input • Lead or contribute to major security initiatives such as SIEM uplift, EDR optimization, IAM modernization, network security baseline, and MDM/secure mobility • Collaborate with IT, operations, warehousing, and corporate functions to ensure secure-by-default designs • Partner closely with IT Infrastructure teams to help them understand, assess, and oversee ongoing and upcoming infrastructure projects, ensuring that security requirements are embedded early and consistently
Awareness & Coaching
• Mentor junior team members and support the KMC local security champions network • Provide security input to leadership and help translate technical risk into business impact language
What We're Looking For
5+ years in cybersecurity with hands-on engineering responsibility Strong knowledge of cloud security (Azure/M365), endpoint security, identity protection, network security, logging & monitoring Strong understanding of SIEM (Sentinel), EDR/MDE, KQL, detection engineering Experience in incident response, forensics, and threat-driven defense Relevant certifications preferred (CISSP, GIAC, AZ500, MS500, GCIA, GCIH)