Cyber Incident Management and Response Engineer

At Construction Resources and its affiliated companies, we are more than a distributor—we are a trusted partner to designers, builders, remodelers, and homeowners. For over 50 years, we’ve delivered integrated solutions that help turn ideas into reality across residential, multi-family, and commercial projects.

Our success is built on collaboration, craftsmanship, and a commitment to excellence. Whether you contribute on the design floor, in operations, or in the field, you’ll be part of a dedicated team that values people, quality, and continuous growth.

Our affiliated brands include Cancos, UMI/Opustone, and Bell Cabinetry.

 

POSITION OVERVIEW

The Incident Management & Response Engineer is responsible for developing and maintaining the Incident Management (pre-incident) and Incident Response (post-incident) programs of Construction Resources and its affiliates (CR), to ensure that the company's information systems and information assets are adequately monitored and responded to when an attack on, or critical outage of, the CR infrastructure occurs.  The Incident Management & Response Engineer will work with other IT leaders to report, review and mitigate the events/incidents that may or have impacted CR’s IT infrastructure systems.  The functional scope of this role includes event management of CR’s IT security systems through the correlation of events and managing any incidents, through discovery, remediation, and communications, to drive a quick recovery of systems and data following an incident.  

WORK ENVIRONMENT

This position is based onsite, with a preference for candidates located in or near one of the following markets: Atlanta, Charleston, Tampa, Dallas, or Nashville. A hybrid work arrangement may be considered for candidates in these locations

 

 

KEY RESPONSIBILITIES

• Establish, maintain, and communicate a clear and comprehensive Incident Management & Response (IR) programs aligned to industry standard framework(s); own the program as a leader and be the main point of contact and subject matter expert 

• Implement, define and improve CR policies, standards, and procedures of Incident Management & Response services, including: incident management processes and procedures (hunting, event correlation, etc.), incident response processes and procedures, and tabletop exercises for incident responses 

• Provide ticketing standards and escalation requirements for security or critical outage events and incidents 

• Provide documents that outline incident protocols such as how to handle cybersecurity threats or how to correct server failures 

• Keep abreast of relevant trends and threats, and translate these for CR to allow for mitigation activities where possible 

• Responding to a reported service incident, identifying the cause, and initiating the incident management process 

• Escalating within the team if major issues are found in the IT system 

• Establish and drive metrics, analytics, reporting mechanisms and services, maturity models and a roadmap for continual IR program improvements 

• Facilitate compliance with the CR policies and external regulations 

 

OTHER DUTIES 

• Prepare formal reports and presentations of findings and recommendations 

• Author Incident Management/Incident Response guidelines, principles, policies, and standards for information / data stewards, stakeholders, and development teams 

• Other duties, as assigned 

 

SKILLS & COMPETENCIES

• Security knowledge across various security domains and technologies (e.g., databases, operating systems, networking, applications, data management, access management, and identity management) 

• Experience executing security hunting activities to determine possible vulnerabilities or incidents within the IT environment 

• Maintain up-to-date understanding of technology trends and developments in the areas of information technology and security 

• Ability to understand business processes and needs, gain buy-in and influence change 

• Ability to drive execution of defined goals through effective interaction with IT services teams  

• Ability to frame security and IT vulnerability-related concepts to both technical and non-technical audiences 

• Highly developed analytical, structured problem-solving skills; analytics and inquisitive mind-set 

• Knowledge in Information Security, IT Risk, IT Auditing 
• Deep understanding of MITRE ATT&CK Framework

 

TRAVEL 

Limited travel may be required of this role. 

 

 

EXPERIENCE & QUALIFICATIONS

• Bachelor's degree is required; degree in computer science, information systems, information security, or another related field preferred 

• 4+ years relevant experience in related fields, qualifying experience could be obtained through roles in security operations center (SOC), cloud security, information technology administration/management, data center management and/or end-user computing.
• Incident Management training, i.e. ISO 27035, preferred.

• Familiarity with Incident Management and Incident Response frameworks required.  CISM, CISA, and/or GIAC certifications preferred.

• Experience in establishing and documenting processes and procedures, and communicating service to relevant teams across the business landscape 

• Expertise and professional experience working in Windows and Linux environments 

• Experienced and knowledgeable regarding Cloud infrastructure and security capabilities, including Microsoft Azure 

• Strong communication skills with the ability to talk with business and technical parties across all levels of the organization 

• Strong time management skills and experience handling multiple assignments with competing priorities 

• Ability to lead large, disparate teams during stressful situations 

• Strong analytical and technical skills 

EEO
At Construction Resources, our people are the driving force behind everything we do. Construction Resources is an equal opportunity employer that aspires to be the best in the business by building an associate experience that celebrates growth, development, and purpose.

PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While performing the duties of this job, the employee is regularly required to speak or hear. The employee is frequently required to sit for extended periods of time, stand, walk, climb stairs, use hands to finger, handle or feel, and reach with hands and arms. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.

POSITION TYPE/EXPECTED HOURS OF WORK
This is a full-time position that requires overtime as business needs dictate.

OTHER DUTIES
Please note:  this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time, with or without notice.

PRIVACY NOTICE
We value your privacy and want to ensure transparency regarding the collection and processing of your personal data. As part of our recruitment process, we require your explicit consent to collect, store, and process your personal information, including but not limited to your resume, contact details, professional experience, and other relevant data.

This data will be used solely for recruitment and hiring purposes in accordance with our privacy policy and applicable data protection regulations. Your information will be stored securely and will not be shared with third parties without your consent.

By submitting your application, you agree to the collection and processing of your personal data for the purposes stated above. You may withdraw your consent at any time by contacting us at recruitment@crhomeusa.com.