Job Type: Full-time/Onsite 4 days a week, with 1 flexible day from home.

Location: Wickliffe, OH

Travel: < 5% (very limited)

How You'll Make an Impact

As a Security Engineer you'll be at the forefront of our innovation, accountable for designing, implementing, and governing a resilient security posture across enterprise environments, including on-premises, hybrid, and cloud platforms. The role ensures the confidentiality, integrity, and availability of organizational systems and data through strong security architecture, operational controls, and risk-based decision making.

This position provides technical assessment and guidance across security domains, including identity and access management, network and platform security, encryption, logging, and system hardening. The engineer establishes and enforces security standards, reviews architectures, and drives consistent security implementation across global environments.

The Security Engineer drives security risk assessments, threat modeling, vulnerability management, and penetration testing activities, translating findings into prioritized remediation plans aligned to business risk and operational impact. They deploy and manage cloud-native and enterprise security tools to monitor, detect, and remediate threats in a complex, global environment.

The role is responsible for maintaining alignment with applicable regulatory and industry frameworks (e.g., ISO 27001, NIST CSF / 800-53, CIS Benchmarks), supporting audits, and maintaining defensible technical documentation and evidence. Close collaboration with application, data, and infrastructure teams is required to embed security controls into system design, CI/CD pipelines, and deployment processes, promoting secure-by-design and automation-first practices.

In this role you will:

• Evaluate emerging technologies, threat trends, and architectural patterns, recommending improvements to security controls and operating models.
• Influence security strategy, contribute to roadmap planning, and mentor less experienced engineers to ensure the organization maintains a scalable, compliant, and resilient security capability.
• Strengthen the organization's global security posture by designing and implementing security controls across enterprise, cloud, and hybrid environments.
• Play a pivotal role in the design, deployment, and maintenance of security tools and solutions that enhance overall cybersecurity operations worldwide.
• Conduct and oversee vulnerability assessments, penetration testing, and technical risk evaluations, ensuring findings are prioritized and remediated.
• Perform technical security assessments and audits to ensure compliance with organizational policies and regulatory standards (e.g., ISO 27001, NIST 800-53)
• Collaborate closely with cross-functional teams including applications, data, and infrastructure to seamlessly integrate security requirements into architecture, CI/CD pipelines, and deployment processes, embedding security at every level.
• Stay abreast of emerging global cloud security threats, technologies, and compliance frameworks to provide valuable recommendations for continuously improving the organization's cloud security posture.
• Undertake other cloud and information security activities as needed to further enhance cybersecurity resilience across global operations.

Required Qualifications that Enable Your Success

• Bachelor's degree in Computer Science, Information Technology, or a related field, providing a strong foundation in cybersecurity principles and practices.
• Commitment to continuous learning and professional development in cybersecurity, staying updated with global trends, emerging threats, and evolving technologies to maintain expertise and strengthen the organization's global security posture.
• 2+years of experience in cybersecurity or a related role, with a strong understanding of security principles, practices, and technologies. This experience should include:
  • Demonstrated experience designing and implementing security controls across enterprise and cloud environments.
  • Hands-on experience with cloud security platforms and services.
  • Experience conducting security assessments, architecture reviews, vulnerability management, and penetration testing.
  • Experience supporting audits and compliance efforts against frameworks such as ISO 27001, NIST, or SOC 2.
  • Strong experience collaborating with applications, infrastructure, and data teams.
  • Working knowledge of authentication and authorization protocols (e.g., SAML, OAuth, OpenID Connect).

Preferred Qualifications that Drive you Forward

• Knowledge of cloud technologies and security best practices for platforms such as AWS, Azure, and GCP.
• Familiarity with SAP ERP S4/Hana and its security considerations.
• Understanding of industrial control systems (DCS/PLC/SCADA) and their unique security challenges.
• Strong business acumen to align cloud security strategies with organizational goals and objectives.
• The following certifications are considered a plus for the role:
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Cloud Security Essentials (GCLD)
  • GIAC Public Cloud Security (GPCS)
  • GIAC Cloud Penetration Tester (GCPN)
  • Microsoft Azure Security Engineer Associate (AZ-500)
  • ISC(2) Certified Cloud Security Professional (CCSP)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Essentials (GSEC)
  • Microsoft Azure Fundamentals (AZ-900)
  • Microsoft Security, Compliance, and Identity Fundamentals (SC-900)
  • ISC(2) Certified Information Systems Auditor (CISA)
  • CompTIA Cloud+
  • CompTIA Server+
  • CompTIA Security+

Skills & Systems:

• Cloud Security Systems: CASBs, CSPM tools, and CWPP platforms (e.g., Netskope, Palo Alto Prisma, VMware Carbon Black Cloud).
• Network Security Systems: Firewalls, IDS/IPS, VPNs, and NAC (e.g., Palo Alto Networks Firewall, Aruba ClearPass).
• Identity and Access Management (IAM): Active Directory, LDAP, SSO, MFA (e.g., Microsoft Active Directory, Entra/Azure ID, Okta).
• SIEM Systems: Collect and analyze security event logs (e.g., Splunk Enterprise Security, IBM QRadar, Palo Alto XSIAM).
• Endpoint Security: Antivirus, anti-malware, HIDS/HIPS, DLP (e.g., Cisco AMP, Cortex XDR).
• Web Application Firewalls (WAF): Protect web apps from vulnerabilities (e.g., F5 BIG-IP, ModSecurity).
• Data Encryption & Key Management: Secure sensitive data (e.g., Azure Key Vault, ECC, Blowfish).
• Vulnerability Management: Tools for scanning and testing (e.g., Rapid7 InsightVM, Metasploit).
• Incident Response & Forensics: Platforms for detection and analysis (e.g., Volatility, Recorded Future).
• Compliance & Governance: GRC platforms for global standards (e.g., AuditBoard, RSA Archer).

Your Work Environment

At Lubrizol, we're committed to providing a safe, inclusive, and empowering environment where you can do your best work-whether in a lab, on the production floor, or in a hybrid office setting.

Depending on your role, your work environment may include:

• Standing, walking, or operating equipment for extended periods
• Working in a lab or manufacturing setting with appropriate PPE provided
• Use of computers and digital tools in an office or hybrid environment
• Occasional lifting or movement of materials
• Adherence to rigorous safety protocols and ergonomic standards

We continuously invest in our facilities and technologies to ensure they support your well-being, productivity, and growth. If you require reasonable accommodation, we are committed to working with you to ensure an inclusive and accessible experience.

Benefits that Empower You

• Competitive salary with performance-based bonus plans
• 401(k) match + Age-Weighted Defined Contribution
• Comprehensive medical, dental & vision coverage
• Health Savings Account (HSA)
• Paid holidays, vacation, and parental leave
• Flexible work environment
• Learning and development opportunities
• Career and professional growth
• Inclusive culture and vibrant community engagement

Learn more at benefits.lubrizol.com!

#LI-MS1 #LI-Hybrid