Lead Cybersecurity Operations & Incident Response Engineer-Hybrid
Key Responsibilities
· Implement and maintain cybersecurity tools and platforms across the enterprise, including extended endpoint detection and response (XDR), email security systems, and cloud security solutions.
· Lead and manage the enterprise Vulnerability Management Program, coordinating with infrastructure and application teams to drive timely remediation.
· Monitor and analyze cybersecurity alerts; lead response activities and investigations following the NIST incident response lifecycle.
· Develop and maintain correlation rules to improve threat detection, reduce false positives, and ensure timely alerting to Tier analysts.
· Own the email security ecosystem, including administration of tools and enforcement of DMARC policies.
· Administer and maintain the enterprise email security gateway, ensuring secure, timely, and reliable delivery of all inbound and outbound email communications.
· Perform advanced threat hunting and cyber risk mitigation using IOCs (Indicators of Compromise), BIOCs (Behavioral Indicators of Compromise), and known TTPs (Tactics, Techniques, and Procedures).
· Develop and maintain PowerShell scripts to automate routine tasks and streamline security operations for the Cybersecurity team.
· Document and maintain security architecture diagrams, system configurations, and standard operating procedures (SOPs) as needed.
· Troubleshoot and resolve operational issues related to cybersecurity solutions in coordination with cross-functional teams.
· Engage with third-party security vendors and service providers as needed for escalation and support.
· Mentor junior team members and contribute to the ongoing improvement of the security program.
Required Qualifications
· Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience).
· + years of experience in cybersecurity operations or engineering roles, with increasing responsibility.
· Mastery in alert analysis, incident response, and threat detection methodologies.
· Deep understanding of MITRE ATT&CK, NIST cybersecurity framework, and modern threat actor TTPs.
· Strong experience with Windows Server and Desktop OS, Office, and Microsoft Azure.
· Proven expertise managing endpoint detection & response (EDR/XDR) platforms.
· Experience building SIEM correlation rules and detection content.
· In-depth knowledge of email security technologies, SPF, DKIM, DMARC, and general email infrastructure.
· Strong understanding of vulnerability scanning tools and coordinating remediation activities.
Preferred Qualifications
· Experience with Cortex XDR, Microsoft Defender Suite, Proofpoint Email Security Gateway and related tools, and Rapid is a plus.
· Exposure to scripting (PowerShell, Python) to automate tasks and improve detection capabilities.
· Familiarity with Zero Trust architecture and cloud security posture management.
· Knowledge of Operational Technology (OT) security concepts and architectures, including familiarity with the Purdue Model for industrial control systems.
Location: Seattle