
Security Engineer I

CSX Corporation
United States, Florida, Jacksonville
Sep 25, 2025

Job Summary
The Security Operations Center (SOC) Engineer's main responsibility is to prevent and mitigate security threats through monitoring and reporting, while implementing strong cybersecurity practices to protect the organization. You will work on a team that operates 24/7 and collaborate closely with other Technology teams such as the Service Desk, the NOC, and the engineers specializing in Security and Infrastructure. Engagement in a range of security projects alongside business partners is key to advancing the organization's cybersecurity agenda. Success in this role depends on meticulous attention to detail and a process-oriented approach, which deepens understanding of the organization's operational framework. Proficiency in security technologies and solutions is essential for implementing best practices within the SOC.

Primary Duties, Responsibilities and Deliverables

  • Develop, document, and implement processes within the SOC, along with the associated reports.
  • Detect and respond to advanced threats, actor techniques, anomalous or suspicious activity, combined with intelligence, to identify potential and active risks to systems and data.
  • Actively monitor new and emerging Security infrastructure-related technologies, trends, issues, and solutions.
  • Conduct detailed comprehensive triage and investigation on a wide variety of security events and implement containment and mitigation processes.
  • Collaborate with internal security partners and threat intelligence teams to derive indications and warnings of impending threat.
  • Adhere to and champion the Technology core values and principles.
  • Engage directly with Security Infrastructure team and Technology groups related to projects and initiatives that would strengthen the overall security posture of the SOC team and the organization.
  • Participate in creating innovative ways to use a wide range of security event data to advance detection methods.
  • Ability to prioritize, work well under pressure and thrive under the operational demands inherent within the role.
  • Proactively remediate security gaps in the infrastructure and remediate risks that affect information integrity.
  • Lead or actively participate in the investigation of security incidents: analyze alerts, identify the root cause, and implement containment measures.
  • Use SIEM (Security Information and Event Management) tools and other security platforms to monitor network traffic, systems, and applications for suspicious activity or potential threats.
  • Proactively hunt for indicators of compromise and hidden threats that traditional security tools may not detect. This requires in-depth knowledge of attack techniques and threat actor behaviors.
  • Manage and maintain security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection platforms, including configuration and tuning for optimal performance.

General Knowledge and Skills

  • Experience in analyzing a wide variety of network, application, and host logs to detect and resolve security issues.
  • Understanding of common threat analysis models such as MITRE ATT&CK and/or the Cyber Kill Chain.
  • Deep understanding of system internals on macOS, Windows, and Linux.
  • Experience developing solutions using the Microsoft technology stack, including Office 365, Power BI, Power Apps, Power Automate, and Logic Apps, as well as Azure services such as Functions (including Durable Functions), Blob Storage, Table Storage, and Queue Storage.
  • Experience automating and developing with Python, PowerShell, Kusto Query Language, or R with RESTful APIs.
  • Experience correlating across very large and diverse datasets (Azure Data Lake, Azure Data Explorer, Cosmos DB, Microsoft Fabric, Microsoft Sentinel).
  • Experience with application databases.
  • Experience working within a diverse organization to gain support for your ideas.
  • Ability to effectively multi-task and prioritize in a fast-paced environment.

Minimum Qualifications

  • High School Diploma
  • 5 or more years of combined IT and cybersecurity work experience.

Preferred Qualifications

  • Bachelor's Degree/4-year Degree in Information Technology or other technical degree.
  • 3 or more years of combined IT and cybersecurity work experience.

Job Requirements

  • Work hours may vary in length and schedule (may include a non-standard work week)