Sr. Global Cybersecurity Engineer

About The Position

Requirements

• Minimum 8 years of cybersecurity engineering or architecture experience in a large, distributed enterprise environment with a mix of cloud and on-prem infrastructure.
• Proven hands-on experience implementing and managing enterprise security controls across Microsoft Azure, M365, and hybrid infrastructure environments.
• Strong technical knowledge of core protection domains including endpoint, server, and platform security; identity and access management; data-loss prevention and information protection; configuration hardening; and security configuration management.
• Extensive engineering experience with Entra/Active Directory, Windows and Linux Operating Systems, encryption, key-management, PKI, certificate lifecycle management, DNS, email security, and web filtering.
• Deep understanding and ability to operationalize Zero Trust and defense-in-depth principles, including segmentation, conditional access, and least privilege enforcement.
• Strong knowledge of Windows and Linux systems administration, networking fundamentals, and secure data flow design across hybrid architectures.
• Experience participating in or supporting CSIRT/incident response activities including alert analysis, containment, and post-incident control improvements.
• Familiarity with cloud security posture management (CSPM), data protection, and secure configuration practices across Azure and Microsoft security technologies such as Entra ID, Defender, and Intune.
• Proven ability to collaborate with Governance, Risk & Compliance and Threat & Exposure Management teams to assess control effectiveness, remediate vulnerabilities, and reduce enterprise risk.
• Proficiency with automation or scripting (e.g. PowerShell, Python) to streamline security configuration, monitoring, and control enforcement.
• Practical understanding of information security frameworks and standards including ISO 27000, NIST CSF, and CIS Controls, with ability to operationalize pragmatically in engineering and operations.
• Strong project and program management capabilities, with excellent organizational, problem-solving, and stakeholder engagement skills; able to manage multiple initiatives, drive accountability, and influence cross-functional teams.
• Excellent communication and collaboration skills with demonstrated ability to influence technical, operational, and business teams in a global organization.

Responsibilities

• Design, implement, and maintain enterprise security controls across cloud and on-premises infrastructure applying Zero Trust and defense-in-depth principles to strengthen protection and resiliency across Axalta’s global technology environment.
• Serve as a security subject matter expert for enterprise protection capabilities including endpoint, server, and platform protection covering anti-malware/EDR, DLP & information protection, configuration hardening, access control, and security configuration management to maintain secure design, configuration, and operation across the enterprise.
• Engineer and maintain enterprise security infrastructure supporting data protection, encryption, key-management, PKI and certificate lifecycle management, as well as DNS, email security, and web filtering capabilities that protect systems and information across the enterprise.
• Support the Governance, Risk & Compliance function in assessing and validating technical controls, participating in risk assessments and control assurance activities, and providing technical evidence for audit and compliance initiatives.
• Partner with Threat & Exposure Management to interpret vulnerability and configuration data, implement sustainable remediation, and track closure of findings through architectural improvements, configuration hardening, and technical or process mitigations.
• Define and operationalize formal secure configuration baselines, hardening standards, and reference architectures to ensure consistent implementation of security controls across global platforms in alignment with program objectives.
• Participate in or lead project and architecture design reviews to embed security requirements throughout the system development lifecycle and guide secure implementation across infrastructure and application projects and initiatives.
• Function as a senior resource and team member in CSIRT operations including support of event analysis, containment activities, and post-incident reviews; develop and implement architectural or control improvements based on lessons learned.
• Provide operational support, lifecycle management, and continuous improvement for assigned security platforms to maintain reliability and performance.
• Collaborate globally with Security, IT Infrastructure & Operations, Enterprise Architecture, Application and Business teams to secure data flows, enforce policies, and advance organizational cybersecurity maturity.
• Stay current with emerging threats, Microsoft platform security capabilities, and industry best practices to enhance Axalta’s engineering capabilities and security posture.