Cyber Security Engineer

Job Title: Cybersecurity Engineer
Location/ Work Structure: Cincinnati, OH (Hybrid)
Who we are:
Vernovis is a Total Talent Solutions company that specializes in Technology, Cybersecurity, Finance & Accounting functions. At Vernovis, we help these professionals achieve their career goals, matching them with innovative projects and dynamic direct hire opportunities in Ohio and across the Midwest.

What You'll Do:

• Administer email security platforms including anti-phishing, anti-spam, and DLP controls within Microsoft 365
• Manage MFA and identity access controls; support integration with Azure Active Directory and Oracle identity management
• Monitor SIEM alerts (Splunk) and triage security events; escalate and coordinate incident response as needed
• Maintain and tune firewall rulesets; support network security configuration across multi-site WAN (Cisco MPLS, Riverbed)
• Conduct vulnerability scans, prioritize findings, and coordinate remediation with infrastructure and application teams
• Develop, document, and enforce cybersecurity policies, standards, and procedures appropriate for a standalone manufacturing organization
• Support internal compliance requirements and assist with any applicable regulatory or customer security assessments
• Maintain vulnerability management program including tracking, reporting, and remediation metrics
• Assist with vendor risk assessments and third-party security reviews
• Provide basic cybersecurity support for operational technology (OT) environments including conveyor automation and engineering lab systems
• Coordinate with engineering and operations teams to apply appropriate security controls without disrupting production systems
• Support evaluation and potential deployment of OT-specific security tooling (e.g., Forge Cyber Insights)
• Contribute to the buildout of a security program from inception, including tooling selection, policy development, and process establishment
• Support security awareness training and phishing simulation programs for end users
• Maintain security asset inventory and participate in disaster recovery / business continuity planning for IT systems

What Experience You'll Have:

• 3-5 years of experience in an IT security or systems administration role with direct security responsibilities
• Hands-on experience with EDR platforms (CrowdStrike, SentinelOne, or equivalent), SIEM tools (Splunk preferred), and vulnerability management tools (Nessus, Qualys, or equivalent)
• Working knowledge of Microsoft 365 security administration (Defender, Exchange Online Protection, Conditional Access)
• Experience with firewall administration (Cisco, Palo Alto, or equivalent)
• Familiarity with Active Directory and Azure AD identity and access management
• Ability to work independently in an ambiguous environment and prioritize competing demands
• Strong written and verbal communication skills; ability to translate technical risk into business terms

What Experience is Nice to Have:

• Security certification: CompTIA Security+, CISSP, CISM, or equivalent
• Experience in a manufacturing, industrial automation, or OT/ICS environment
• Familiarity with Oracle EBS environments and associated security considerations
• Experience supporting security in a post-M&A or carve-out environment
• Knowledge of NIST CSF, CIS Controls, or ISO 27001 frameworks
• Experience with cloud security (Azure preferred)