Senior security engineer

Company Overview:

At Greenbrier, we do the hard work that matters. The Greenbrier Companies (NYSE:GBX) is powering the movement of products around the world as a leading designer, manufacturer and supplier of freight rail transportation equipment and services.

Greenbrier’s heritage of hard work and industrial innovation is celebrated at every level of our organization. We structure our business to support teams that deliver innovative solutions for our customers while positively impacting the world around us.

Greenbrier’s success begins with people. We believe in supporting our global workforce through our unwavering attention to Safety, Quality, Respect for People and Customer Satisfaction. Our IDEAL commitment is rooted in these values, which promotes Inclusion, Diversity, Equity, Access, and Leadership, creating a culture where employees are fulfilled and feel good about coming to work every day. A diverse, qualified, and engaged talent base is the key to our success.

Summary

The Senior Microsoft Defender Security Engineer will focus on ensuring the security and integrity of our Microsoft 365 environment. The ideal candidate will be a subject matter expert, proficient in Microsoft Defender for Endpoint, Sentinel SIEM, Defender for Identity, Defender for Cloud Apps, Microsoft Information Protection, Microsoft DLP, and Microsoft Purview.

This individual will leverage their deep technical expertise to provide strategic guidance and operational support for the implementation, configuration, and management of these Microsoft Defender products. The role requires a strong understanding of cybersecurity best practices, experience with Microsoft 365 security technologies, and excellent communication skills to collaborate with diverse teams and stakeholders.

Duties and Responsibilities

To perform this job successfully an individual must be able to perform the following essential duties satisfactorily. Other duties may be assigned to address business needs and changing business practices.

• Review, analyze, and troubleshoot complex security issues across Microsoft 365 products, collaborating with IT teams to understand, resolve, and communicate solutions effectively.
• Utilize troubleshooting tools (e.g., event logs, performance traces) to diagnose and remediate security incidents promptly.
• Provide expert guidance and support to internal teams, including best practices and education to proactively address potential security risks.
• Collaborate with development teams to identify and resolve configuration, code, or service deficiencies that impact security.
• Analyze incident patterns to identify areas for improvement in support processes and workflows, driving continuous improvement in security operations.
• Work collaboratively across teams to resolve cross-product technical issues, partnering with support engineering, product groups, services teams, and account teams as needed.

Microsoft Defender Security Expertise:

• Conduct thorough security assessments of the Microsoft 365 environment, identifying vulnerabilities, and providing detailed remediation guidance.
• Perform code reviews and collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC).
• Develop and maintain threat models for applications, identifying potential security threats and vulnerabilities, and working with development teams to address security concerns early in the design phase.
• Design, implement, and maintain secure architecture solutions for applications and systems, adhering to industry best practices and regulatory requirements.
• Stay current with evolving industry trends and emerging technologies in the Microsoft Defender security landscape to proactively address potential challenges.
• Serve as a subject matter expert in incident response, providing timely support and leadership in the event of a security incident or breach. Collaborate with cross-functional teams to investigate and remediate incidents efficiently.
• Develop and deliver comprehensive security training programs for development and operations teams, fostering a culture of security awareness and best practices throughout the organization.
• Evaluate, implement, and manage security tools and automation processes to enhance the efficiency and effectiveness of security initiatives.

Qualifications

The following generally describes requirements to successfully perform the assigned duties.

Minimum Qualifications

• 5+ years of experience in technical support, technical consulting, or information technology, with a focus on security.
• OR Bachelor's Degree in Computer Science, Information Technology, or a related field AND 3+ years of relevant experience.
• 3+ years of hands-on experience with Exchange or Office 365, including Security & Compliance, eDiscovery, Auditing, DLP, etc.
• Strong understanding of Enterprise Messaging Administrative concepts.
• In-depth experience with Microsoft Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Microsoft Information Protection, Microsoft DLP, and Microsoft Purview.
• Solid knowledge of Azure Active Directory and cloud identity concepts.
• Proven experience developing and implementing security baselines aligned with industry best practices.
• Ability to lead and participate effectively in security strategy discussions.
• Excellent communication and presentation skills, with the ability to explain complex technical concepts clearly to diverse audiences.

Preferred Qualifications

• Certifications in Microsoft Defender technologies or related security disciplines (e.g., Microsoft 365 Certified: Security Administrator Associate).
• Experience working in a Security Operations Center (SOC) environment.
• Scripting or automation experience (e.g., PowerShell, Python) for security tasks.
• Knowledge of threat intelligence and incident response frameworks.
• Experience with security information and event management (SIEM) systems.
• Strong analytical and problem-solving skills.
• Ability to work independently and collaboratively in a fast-paced, dynamic environment.

Work Environment and Physical Requirements

Work Environment

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• In Office

Physical Activities and Requirements

Frequency Key

Not Applicable: Activity is not applicable to this occupation

Occasionally: Occupation requires this activity up to 33% of the time (0- 2.5+ hours/day)

Frequently: Occupation requires this activity from 33% - 66% of the time (2.5: 5.5+ hours/day)

Constantly: Occupation requires this activity more than 66% of the time (5.5+ hours/day)

Working Postures

• Sit: Frequently
• Walk: Occasionally
• Bend: Occasionally
• Kneel/Squat: Not Applicable
• Crawl: Not Applicable
• Climb: Not Applicable
• Reach Forward: Occasionally
• Reach Upward: Not Applicable
• Handling/Fingering: Frequently

Lift / Carry Requirements

• 5-10 lbs: Not Applicable
• 10-25 lbs: Not Applicable
• 25-50 lbs: Not Applicable
• 50-75 lbs: Not Applicable
• 75+ lbs: Not Applicable

Push / Pull Requirements

• Up to 10 lbs: Not Applicable
• 10-25 lbs: Not Applicable
• 25-50 lbs: Not Applicable
• 50-75 lbs: Not Applicable
• 75+ lbs: Not Applicable

EOE including Vet/Disability

Click here for more information: Know Your Rights

Greenbrier makes reasonable accommodations in the application and hiring process for individuals with known disabilities, unless providing accommodation would result in an undue hardship. Any applicant believing that he or she may need reasonable accommodation for any part of the application and hiring process should contact Greenbrier Human Resources at or call us at .


-


Email communication from The Greenbrier Companies (Greenbrier) will always come from a corporate email address that ends in @gbrx.com or from our applicant tracking system, iCIMS, after you have created a secure account and submitted your application. During the application process, you will create a secure account in our secure applicant tracking site that ends with “-gbrx.icims.com”. In this portal, we will ask you to provide your contact information, past employment history, education history and other job-related information.