Job Description:Location: Remote, USA. Candidate must be able to work EST hours.
Company Overview
Performing over 80 million utility locates annually, USIC is the most trusted name in underground utility damage prevention and protection. USIC provides a full suite of public and private utility services throughout the United States, with advanced offerings and superior technology to meet every underground utility damage prevention and protection need.
Our mission is to deliver quality, efficient, safe, and innovative solutions to protect our partners’ infrastructure and critical assets.
Summary
The Cyber Security Engineer is responsible for the design, implementation, operation, and continuous improvement of enterprise security controls that protect critical infrastructure, systems, and data. This role serves as a hands-on engineering contributor within a lean, high-trust cybersecurity team, owning core security tooling and processes while acting as an escalation point for complex incidents. Operating at the intersection of security engineering, incident response, and program maturity, the Cyber Security Engineer partners closely with IT Infrastructure teams and external SOC/MDR providers to ensure threats are detected, contained, and eradicated effectively. Success in this role is driven by technical depth, operational ownership, and strong collaboration rather than passive monitoring.
Responsibilities
Own triage, investigation, and response for security alerts and incidents across enterprise environments
Serve as an internal escalation point for high-severity and complex security incidents
Partner with external SOC/MDR providers on escalated alerts, tuning, and response coordination
Conduct root-cause analysis, containment, eradication, and post-incident reviews with documented lessons learned
Engineer, configure, and administer core security tools including EDR, vulnerability management, and email security platforms
Design and implement detection rules, correlation logic, and automated response actions to improve security coverage and reduce mean time to response
Evaluate, recommend, and implement new security tools and capabilities aligned to the security roadmap
Maintain and improve integrations between security platforms and enterprise systems
Own the vulnerability management lifecycle including scanning, prioritization, remediation tracking, and risk reporting
Partner with Infrastructure and IT Operations teams to drive remediation efforts and verify fixes
Produce vulnerability trend analysis, risk exposure metrics, and executive-facing reports
Contribute to security program development by identifying gaps, proposing improvements, and executing initiatives
Track and report on operational security metrics such as incident volume, MTTD, MTTR, and SLA performance
Serve as a key technical advisor to Infrastructure teams on endpoint, server, network, and cloud security
Support security awareness initiatives and cross-functional security education efforts
Requirements
Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field, or equivalent practical experience
3–5 years of hands-on experience in cybersecurity engineering, IT security, or a related discipline
Demonstrated ownership of incident response activities from detection through containment, eradication, and post-incident review
Strong experience engineering and tuning detection rules, SIEM alerts, and automated response workflows
Proven vulnerability management experience including scan configuration, risk prioritization, and remediation tracking
Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, or equivalent
Experience administering and engineering security tools such as EDR, vulnerability management, and email security platforms
Experience managing or partnering closely with SOC, MDR, or MSSP providers
Deep understanding of common attack vectors and adversary techniques including phishing, ransomware, credential compromise, lateral movement, and privilege escalation
Strong analytical thinking, incident ownership, and documentation skills
Ability to collaborate effectively with infrastructure, operations, and business stakeholders
Relevant cybersecurity certifications (e.g., Security+, CySA+, CEH, GIAC) preferred
Scripting or automation experience using Python or PowerShell preferred
Experience securing enterprise infrastructure including Active Directory, cloud platforms (Azure, AWS, GCP), and hybrid environments
Familiarity with security frameworks such as NIST CSF or CIS Controls preferred
We are an Equal Opportunity Employer. Veterans are encouraged to apply.