Senior Cybersecurity Engineer

As the largest pureplay adhesives company in the world, H.B. Fuller's (NYSE: FUL) innovative, functional coatings, adhesives and sealants enhance the quality, safety and performance of products people use every day. Founded in 1887, with 2023 revenue of $3.5 billion, our mission to Connect What Matters is brought to life by more than 7,000 global team members who collaborate with customers across more than 30 market segments in over 140 countries to develop highly specified solutions that enable customers to bring world-changing innovations to their end markets.

The Cybersecurity Senior Engineer reports to the Director of Cybersecurity, and has primary responsibility in the development, monitoring, evaluation, and maintaining of systems and procedures necessary to protect host and network systems from unauthorized access and security threats and focus on protection of sensitive information.

The Cybersecurity Senior Engineer typically participates in creating, implementing, and evaluating security standards, guidelines and procedures related to firewalls, intrusion detection, vulnerability scanning, host operating systems, and network devices.

While it is essential for this position to understand and focus also on managing and extending the global monitoring and SIEM systems, installing and supporting security technologies, such as DLP, ATP, anti-virus, encryption, wireless, mobile security, multi-factor authentication, PKI, and content filtering and participating in various projects, the main focus and responsibility area will be network security - based on business needs and the current and continuously changing world around Cybersecurity threats and practices, this individual must be able to design and implement firewall technologies, Cloud security, network segmentation, Zero Trust mindset and SASE approach.

This individual will be involved in a variety of host, desktop, and network security areas within the global Information Technology department. Frequent communication with H.B. Fuller staff in all regions is expected for troubleshooting, performance tuning, and project activity. This position will act as an engineering lead for various efforts and projects related to Cybersecurity and demands also thorough understanding of how Cybersecurity interfaces with other IT infrastructure, network, DBA, and applications areas.

As primary M&A and IT/Business integration engineer, this individual will be involved with infrastructure design decisions and strategy; a good and founded understanding of Cybersecurity impact and trending is key for this position.

The Cybersecurity Senior Engineer will also serve as mentor for other Cybersecurity/IT engineers and be responsible for business leadership presentations - proactive, productive, efficient, understanding how to prioritize is expected as well as delivery of consistent results.

The Cybersecurity Senior Engineer will also be expected to work through trouble tickets with internal and external partner vendors in the support of our global Infrastructure. There is an on-call expectation for this role.

Systems Support [55%]

• Primary responsibility for multiple key areas of host and network security implementation, deployment and support technologies related to host, network and cloud platforms including:

• Firewalls, Endpoint Security, IDS/IPS, sandboxing, URL filtering, Web Security, Cloud- and email security

• Network segmentation

• Zero Trust network access practices

• Research appropriate technology and product offerings

• Assist with configuration and implementation deployments for new apps, upgrades, and architectural changes

• Designs, supports, and installs security and monitoring technologies

• Performs analysis of system logs and user access issues

• Participates in emergency response team activities regarding security incidents

• Performs in-depth support for information security incidents including internal violations, hacker attacks, virus, and other system outages

• Prepares and updates security policies, processes, and related technical documentation

• This is a support engineering role also accountable for change control, configuration management and CMDB accuracy, and internal support processes improvement or automation

Project Activity [30%]

• Consult with Cybersecurity and risk management individuals, network lead engineers, business and systems analysts, infrastructure, and desk side in assigned projects to identify user needs and project task requirements

• Serve as lead Cybersecurity engineer for smaller or medium activities requiring limited resources or technical depth

Documentation and Communication [15%]

• Prepare documentation for the systems, scripts, procedures in accordance with department and corporate standards

• Prepare and submit project status and/or other reports to the Project Manager or Security Manager as required

• Develop and maintain effective working relationships with global users and technical peers

• Conduct effective, on-going communication, both written and verbal

• Keep abreast of new developments in security hardware and software technology, and be informed of the latest techniques, technologies, and practices

Minimum Requirements:

• Bachelors in BA, CS MIS, or technical degree/equivalent

• 10+ years of on-the-job experience including:

• General infrastructure (server, load balancer…) and PC fundamentals

• Key monitoring events and conditions on various network hardware and software

• VPN configurations and usage

• Firewalls, and DMZ architecture

• General security, monitoring tools, IDS/IPS

• Detailed technical knowledge sufficient to independently identify and diagnose system malfunctions, bots, and other malware issues

• EndPoint Security incl. advanced EDR (such as Cisco AMP, Crowdstrike, Microsoft Defender, Carbonblack etc.)

• Knowledge of Microsoft EMS E5 products, like Cloud App Security, Azure Information Protection, Intune, etc.

• Vulnerability Management (like Tenable Nessus or Rapid7 InsightVM)

• User Awareness Program

• Data Loss/Leakage Prevention

• PKI - Public Key Infrastructure

• Thorough understanding of OSI model

• IT Infrastructure Library (ITIL) functions (incident, change, problem, asset management)

Preferred Requirements:

• Database security, server and client security and encryption, cloud security (SASE)

• Cisco firewalls (ASA/FTD/FMC), Open DNS/Umbrella, Cisco IOS (interfaces, configuration, routing, QOS, …)

• Email Security (like Cisco, Microsoft)

• Cisco CCENT, CCNA, CISSP, SANS certifications is a plus

• Security certifications, like CISSP, is a plus

• Various protocol knowledge (SIP, Telnet, HTTP, SSL, PPP, WLAN, CDP …)

• Advanced Threat Protection, security information and event Management (SIEM), and security advanced threat protection (ATP) systems use

• Understanding of security standards like SOC2, ISO 2700x, UCF, NIST

Physical Environment:

• Basic office environment

• Must be able to rack typical server and appliance gear in standard 42u rack

• Lift approximately 40 pounds (18 kg) unassisted

Pay is based on several factors including but not limited to education, work experience, certifications, and geographic location.

The salary for this role is 95,000 - 110,000.

In addition to your salary, H.B. Fuller offers employees a competitive total rewards package including comprehensive benefits, incentive and recognitions programs, health & wellness benefits, 401K contributions, paid time off and paid holidays. Eligibility may vary.

H.B. Fuller is an Equal Employment Opportunity employer and proud to have created a collaborative culture where employees around the world are seen, heard, and respected. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or marital status or status as a protected veteran, or any other legally protected classification.

H.B. Fuller does not accept unsolicited resumes from recruiters, employment agencies, or staffing firms. To conduct business with H.B. Fuller, a written service agreement must be executed by Human Resources prior to submitting any information relating to a potential candidate. Without a signed service agreement, H.B. Fuller shall not be obligated for payment of any fee or compensation.