Senior Security Engineer

Chromalloy Gas Turbine LLC • Full-time • Carson City, NV, USA • 2d ago

POSITION: Senior Security Engineer
SCHEDULE: Will discuss with applicant
LOCATION: Hybrid/Carson City, NV
SALARY: $120,792 - $158,540/YR
**TO APPLY:
Direct Link: https://jobs.dayforcehcm.com/en-US/chromalloy/CANDIDATEPORTAL/jobs/22017
Career Page:**https://www.chromalloy.com/careers/

Please note, employers may close jobs on the website at any time.
SUMMARY:
We are seeking a highly experienced Senior Security Engineer to lead and support advanced cybersecurity initiatives across our enterprise, with a strong emphasis on aerospace and defense manufacturing environments. This role requires deep technical expertise in data protection, operational technology (OT) governance, digital forensics, and secure infrastructure. The ideal candidate will have a proven track record in implementing NIST 800-171 controls and supporting compliance efforts in regulated industries.

MINIMUM/PREFERRED REQUIREMENTS:
Qualifications:
Bachelors or Masters degree in Cybersecurity, Computer Science, or a related field.
7+ years of experience in cybersecurity engineering roles, preferably in aerospace, defense, or other regulated industries.
Deep understanding of NIST 800-171, DFARS, and ITAR compliance requirements.
Extensive track record as a technical lead and subject matter expert for implementation of cybersecurity projects and initiatives.
Proven experience in systems hardening, including application of DISA STIGs and CIS benchmarks.
Hands-on experience with forensic tools and investigative methodologies.
Familiarity with OT environments and associated security challenges.
Experience with enterprise DLP, classification, and encryption technologies.
Excellent communication, documentation, and cross-functional collaboration skills.
Relevant certifications (e.g., CISSP, GIAC, GCFA, CEH, CKS) are highly desirable.

Preferred Qualifications:
Experience with cloud-native security tools (AWS, Azure) as well as legacy on-premises solutions.
Knowledge of Zero Trust and SASE frameworks.
Scripting and automation skills (Python, Bash, etc.).
Experience working with government or defense contractors.

JOB RESPONSIBILITIES/DUTIES:
Serve as a technical lead and subject matter expert for cybersecurity projects and initiatives.
Design, implement, and maintain security architectures that align with business and regulatory requirements.
Collaborate with cross-functional teams including IT, engineering, legal, and compliance to ensure security is embedded across systems and processes.
Conduct risk assessments and threat modeling to identify vulnerabilities and recommend mitigation strategies.
Develop and maintain security plans, and procedures, support maintenance of policies and standards.
Monitor and respond to security incidents, ensuring timely resolution and documentation.
Mentor junior security analysts and leads and contribute to team development and knowledge sharing.
Stay current with emerging threats, technologies, and industry best practices.
Support audits, assessments, and reporting for internal and external stakeholders.
Advocate for security awareness and training across the organization.

Key Responsibilities:

DLP Strategy and Execution: Lead the evaluation, selection, and deployment of modern Data Loss Prevention (DLP) solutions to replace legacy systems, ensuring alignment with compliance and business needs.

Operational Technology (OT) Governance: Develop and enforce security policies and controls for OT environments, including ICS/SCADA systems, with a focus on secure integration in aerospace and defense manufacturing settings.

Digital Forensics and Investigations: Conduct forensic analysis of security incidents, support internal investigations, and maintain proper chain-of-custody and evidence handling procedures.

Digital Signatures and Email Encryption: Design and manage enterprise-wide digital signature and secure email encryption solutions to protect sensitive communications and intellectual property.

Systems Hardening and STIG Compliance: Lead efforts to harden systems across the enterprise, with a strong focus on applying DISA STIGs and other industry benchmarks to ensure secure configurations for Windows and Linux OSes, networking with PAN firewalls and GlobalProtect VPN, O365, TeamCenter, and other organizational systems.

Classification Suite Replacement: Lead the transition from legacy data classification tools to modern, automated classification and labeling solutions that support compliance with NIST 800-171 and ITAR.

Zero Trust Architecture Implementation: Drive the design and implementation of Zero Trust principles across identity, device, network, and application layers.

Secure Access Service Edge (SASE): Architect and deploy SASE solutions to unify networking and security services, enabling secure access for distri