BNSF Railway logo
BNSF Railway

For more than 170 years, BNSF Railway has worked to connect its users with the global marketplace, playing “a vital role in building and sustaining this natio

Senior Cybersecurity Engineer

Location

United States

Posted

29 days ago

Salary

$165K - $300K / year

Seniority

Senior

Job Description

Senior Cybersecurity Engineer

BNSF Railway

Role Description Be part of a team that values safety, inclusion, and excellence. We are one of the largest U.S. railroads transporting the nation’s freight across 28 western states and 3 Canadian provinces. As a member of our team, you will play a role in supporting the movement of essential products and materials that help feed, clothe, supply, and power communities throughout America and the world. BNSF | Tech is the technology division making BNSF the preeminent freight and mobility company in North America. Are you ready to drive change? If you are passionate about making a difference and eager to advance your career in a dynamic and supportive environment, we want you on our team! Join us in reshaping the future of freight rail and discover a fulfilling career where your contributions matter. We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us! We are seeking a highly skilled and proactive Cybersecurity Engineer to join our growing security team and lead our Data Loss Prevention (DLP) program. This role is ideal for professionals who thrive in dynamic environments and are interested in helping secure our nation’s critical infrastructure. The ideal candidate will play a critical role in safeguarding our digital assets, infrastructure, and applications while contributing to the maturity of our security operations. - Own the Stack: Serve as the primary engineer and administrator for our comprehensive data protection ecosystem, ensuring seamless integration across endpoints, network, and cloud perimeters. - Engineering & Threat Hunting: Write custom detection logic and queries to proactively hunt for data exfiltration risks and monitor cloud and on-prem environments. - AI Data Governance: Lead the integration of Data Loss Prevention capabilities to monitor and secure data flows for enterprise AI tools and LLMs. - Cross-Platform Integration: Architect data flows and policy enforcement between Email, Web, Messaging and other data exfiltration channels. - Program Rollout & Optimization: Drive the technical execution of the Data Loss Prevention program. - Incident Escalation: Act as the subject matter expert and top level escalation point for complex data security incidents. - Demonstrate operational excellence by monitoring, troubleshooting, and resolving production issues, including participating in a 24/7 on-call rotation. Qualifications - Authorized to work in the US - Minimum 5 years of experience in data loss prevention, incident response or related roles. Requirements - Bachelor’s degree or higher in computer science, cybersecurity, or related field. - Proficiency in Python or Java for automation, scripting, and tool development. - Hands-on experience with Data Loss Prevention and Incident Response solutions (e.g. zScaler, Microsoft Purview, Symantec DLP, Splunk, etc.) - Strong understanding of modern enterprise data flows and technology landscape. - Knowledge of data security principles including encryption, DLP, and access controls. - Proven ability to integrate disparate security tools into comprehensive solutions. - Experience or strong foundational understanding of how to secure data interactions with Generative AI applications and prompt-based systems. - Experience leading comprehensive technical programs. - Ability to translate highly technical data-flow concepts into clear risk assessments for business units and executive leadership. - Ability to work independently and collaboratively in cross-functional teams. - Passion for continuous learning and staying ahead of the threat landscape. - Able to work now and in the future without BNSF’s assistance in obtaining, maintaining, or extending employment authorization. Benefits - An industry-leading 401(k) and renowned Railroad Retirement program. - A range of robust health care options for you and your dependents (including domestic partners), including medical, dental, vision, telemedicine, mental health, cancer support, and high-quality care network options. - Health care spending accounts (HSA) with employer contributions, as well as life and disability insurance, provided at no cost. - Family benefits including parental, pediatric and family building support, adoption and surrogacy reimbursement, and dependent care spending account (with employer match). - Access to discounts on travel, gym memberships, counseling services and wellness support. - Annual bonus (Incentive Compensation Program). - Generous leave / time off policies.

Related Categories

Related Job Pages

More Security Engineer Jobs

Enterprise Horizon Consulting Group logo

Cybersecurity Assessment and Authorization, Subject Matter Expert

Enterprise Horizon Consulting Group

Enterprise Horizon solves complex IT and business challenges for the DoD, Federal, and Private sectors.

ContractRemoteTeam 11-50Since 2005H1B No Sponsor

• Serve as the cybersecurity SME for all Assessment and Authorization (A&A) activities, ensuring compliance with DoD and NIST requirements. • Perform RMF activities for systems undergoing authorization, including control assessment, documentation review, and risk analysis. • Apply expert understanding of NIST SP 800‑53 security controls and their relevance to large, complex IT infrastructures composed of multiple enclaves, applications, and outsourced services. • Identify vulnerabilities, determine severity levels, and assess potential impacts on system authorization status. • Conduct comprehensive authorization reviews for enterprise‑level systems and environments. • Brief senior leadership on RMF progress, findings, risks, and recommended courses of action. • Support the development, implementation, and refinement of cybersecurity policies, procedures, and processes aligned with DoD requirements. • Apply cybersecurity expertise to emerging technologies, including cloud services, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT). • Evaluate and apply cybersecurity controls for modern computing environments such as hybrid cloud, edge computing, and IoT-related architectures.

Virginia
Enterprise Horizon Consulting Group logo

Cloud Security, Risk Management Framework (RMF), Subject Matter Expert

Enterprise Horizon Consulting Group

Enterprise Horizon solves complex IT and business challenges for the DoD, Federal, and Private sectors.

ContractRemoteTeam 11-50Since 2005H1B No Sponsor

• Provide cloud tenancy services and deliver enhanced capabilities within an Oracle Cloud Infrastructure (OCI) hosting environment. • Secure, isolate, and administer the cloud tenancy to effectively create, organize, integrate, and manage cloud resources. • Research, evaluate, and implement new OCI services and capabilities to improve operational performance and strengthen security posture. • Administer middleware and web tiers, manage single sign‑on (SSO), and create/manage users, groups, and access controls. • Apply expert knowledge of NIST RMF, C&A processes, and DoD cybersecurity requirements to assess controls, identify risks, and ensure compliance. • Support the design, implementation, and maintenance of cloud-native security configurations, including Oracle CloudGuard. • Conduct C&A reviews for large, complex information systems and ensure alignment with DoD, NIST, and FedRAMP requirements. • Provide technical leadership across cloud service engineering, including distributed systems, virtualized infrastructure, identity, observability, and security. • Manage and support Autonomous Database, Oracle Enterprise Database, and Oracle Database Cloud Service (DBCS). • Deploy and manage containerized applications using Oracle Kubernetes Engine (OKE). • Automate tasks using scripting and IaC tools such as Ansible (OCI‑compliant), HELM, and Terraform. • Apply expertise in modern computing paradigms including hybrid cloud, edge computing, microservices, and IoT‑related protocols.

Virginia
Guidepost Solutions logo

Security Consultant – Engineering Design, PM

Guidepost Solutions

Uncovering Facts. Assessing Risk. Protecting Facilities. Monitoring Progress.

Full TimeRemoteTeam 201-500Since 2010H1B No Sponsor

• Design comprehensive security solutions that integrate physical security, access control, video surveillance, intercom, mass notification, and intrusion detection measures to meet client standards or mitigate identified risks. • Develop detailed security design documentation, including basis of design, system specifications, systems drawings, schematics, and installation plans, adhering to industry standards and regulatory requirements. • Lead designs (construction drawings and specifications) for technical & physical security elements (cameras, access control, intrusion detection, fences, gates, etc.) for client projects. • Understanding of Master Format CSI specifications and ability to write new content as needed. • Collaborate with clients to understand their business objectives, security requirements, and budgetary constraints, providing expert guidance and recommendations. • Collaborate with consultants within our client environment to develop design standards, evaluate costs, risk, and benefits of designs, and facilitate design discussions. • Facilitate effective project team and cross-functional interactions (Technical, Operations, BD, Marketing, etc.) by working successfully as a part of a team and business functions to achieve positive results. • Participate in maintenance of the clients’ Basis of Design, prototype design, and specifications for physical security elements. • Communication and record keeping of project decisions and directives in both written and verbal formats. • Maintain project repository of documentation in a consistent and comprehensive project delivery method. • Support business growth through pursuit of new work; and, by providing technical content to new business proposal and firm qualification packages. • Attend industry events to expand brand awareness.

United States
$100K - $120K / year
Full TimeRemoteTeam 201-500H1B No Sponsor

• Own end-to-end sales motions: prospecting, qualification, scoping, proposal development, negotiation, and close. • Build and execute a territory plan that expands new logo acquisition and grows revenue across existing enterprise accounts. • Position the full suite of offensive security services—pen testing, red teaming, cloud security testing, and managed offensive capabilities. • Maintain a strong pipeline with 3x+ quota coverage and predictable forecasting. • Lead consultative discussions with CISOs, engineering leaders, AppSec teams, and procurement stakeholders. • Partner with technical SMEs and consulting leads to shape solutions aligned to client risk, maturity, and regulatory requirements. • Establish multi-threaded relationships within accounts to improve deal velocity and renewal rates. • Deliver compelling client presentations, statements of work, and value-based proposals. • Work closely with the consulting delivery team to scope engagements accurately and ensure high customer satisfaction. • Align with marketing on targeted campaigns, regional events, and ABM programs. • Achieve or exceed quarterly and annual bookings targets. • Maintain accuracy of CRM data, forecasting, and pipeline metrics. • Drive healthy mix of services revenue: net-new logos, expansion, and multi-project programs.

United Kingdom