Cactus Wellhead - IT Security Engineer

This is a Cactus Wellhead position and is located in Houston, TX. 

Job Summary: The IT Security Engineer leads the investigation, response, and remediation of cybersecurity events and findings. The role will develop and operate comprehensive security solutions and programs that align with the organization’s cybersecurity controls. The IT Security Engineer will work closely with IT, development, and application teams to implement best-in-class security practices across cloud and on-premises environments. The individual must be able to work autonomously, must have exceptional problem-solving abilities and exhibit a strong sense of ownership to assigned responsibilities.

ESSENTIAL FUNCTIONS, ROLES, AND RESPONSIBILITIES: Essential duties and responsibilities include, but not limited, to the following.

• Practice safe work habits and comply with all quality, safety, health, environmental policies, procedures, programs, and regulations.
• Design, implement, and maintain security solutions such as endpoint protection, SIEM/SOAR, and security automation tools.
• Develop and enforce security policies and standards for network, cloud, and endpoint security.
• Implement best practices for endpoint, server, and cloud security hardening.
• Ensure timely remediation of vulnerabilities by working with system owners and developers.
• Participate in Incident Response efforts, including containment, remediation, and forensic analysis.
• Manage IAM, PAM, and access control policies to enforce Zero Trust principles.
• Perform security event triage and deep analysis of security logs.
• Build and optimize security monitoring, alerting, and logging capabilities.
• Support compliance initiatives (e.g., SOC 2, ISO 27001, NIST, SOX) and security audits.
• Participate in security assessments, penetration testing and threat modeling exercises.
• Maintain knowledge by monitoring InfoSec trends, news, and technologies while providing guidance to the organization.

Preferred Certifications, Licenses, Registrations:

• CISSP – Certified Information Systems Security Professional
• CCSP – Certified Cloud Security Professional
• GIAC – Global Information Assurance Certification (various specializations, such as GPEN, GCIH, GSEC, etc.)
• OSCP – Offensive Security Certified Professional
• Associate/Architect/Specialization-level certifications in AWS/GCP/Azure security

Education, Training, Experience:

• Bachelor’s degree in Information Security/Systems, Computer Science, or other related technical discipline
• 5+ years’ experience in an IT Security role

Job Knowledge, Skills, Abilities:

• Advanced experience with Identity and Access Management and associated technology
• Advanced experience with Extended Detection and Response product suites
• Intermediate knowledge of frameworks such as NIST CSF, ISO/IEC 27001 and Sarbanes-Oxley (SOX)
• Intermediate experience with vulnerability assessment technologies
• Intermediate knowledge and experience with SIEM/SOAR technologies
• Intermediate knowledge of Cloud and SaaS productivity platforms
• Intermediate knowledge of data classification techniques and Digital Loss Prevention (DLP)
• Proven experience leading technical security projects
• Motivated self-starter who can work in a dynamic, fast-paced team environment

Supervisory Responsibilities: This role has no supervisory responsibilities.

PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Regularly required to stand; walk; reach with hands and arms; talk and hear.
• Regularly required to use hands to finger, handle, or feel.
• Regularly lift and /or move up to 10 pounds, frequently lift and/or move up to 25 pounds and occasionally lift and/or move up to 40 pounds.
• Close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.

WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential function.

• Normally work in an office environment; however, occasionally may work in a laboratory, assembly areas and field service machine shop.
• Occasionally may be exposed to hazards such as loud noise, heavy equipment, temperature extremes, chemicals, etc. while working in Engineering laboratory, assembly areas and field service machine shop.
• The noise level in the work environment is usually moderate.

Disclaimer: This job description indicates the general nature and level of work expected of the incumbent. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent. Incumbent may, and probably will be asked to perform other duties as required. Each employee, regardless of classification, is required to maintain a safe, orderly and clean workplace, using safety precautions and observing safety rules at all times.

Cactus Companies is an Equal Employment Opportunity (EEO) employer and does not discriminate in any employer/employee relations based on race, color, religion, sex, sexual orientation, gender identity and expression, national origin, age, marital status, disability, veteran status, genetic information or any other basis protected by applicable discrimination laws.