IT Security Administrator V - Incident Response & Threat Detection Engineer

Job Description

The Cybersecurity Incident Response (IR) Lead and Detection is responsible for the dual mission of advanced threat detection capabilities and leading the charge during high-stakes security investigations. The individual will response to alerts and design in the logic that finds the needle in the haystack as well as mentor a team of responders to act with precision and speed.

KEY RESPONSIBILITIES:
Detection Engineering (the "Hunt)

• Advanced Logic Development: Design implement and refine complex detection rules and automated remediation workflows to identify adversarial behavior across U. S. Steel's global infrastructure.
• Framework Mapping: Utilize threat intelligence and the MITRE ATT&CK framework to identify gaps in visibility and proactively mitigate emerging risks.
• System Optimization: Continuously tune SIEM (e.g., Splunk), EDR (e.g., CrowdStrike) and cloud-native security tools to maximize detection fidelity while minimizing alert fatigue.
• Threat Modeling: Develop and maintain threat models, incorporating findings from penetration tests into detection strategies.

Incident Response & Leadership (the Shield)

• Crisis Management: Act as the lead Incident Responder for complex, high-priority investigations, managing the full lifecycle from initial detection to root cause analysis and post-mortem.
• Technical Escalation: Provide Tier 3+ (Tier 1-3 teams are managed by a MSP) expert-level support for deep dive investigations, including digital forensics (memory, network and malware analysis).
• Process Evolution: Author and refine IR playbooks and operational guidelines to ensure the team remains agile in an evolving threat landscape.
• Mentorship: Coach and train junior U. S. Steel analysts and direct MSP-provided analysts on advanced investigation techniques, fostering a culture of technical excellence and psychological safety.

Governance & Collaboration

• Cross-Functional Liaison: Partner with IT, Legal and Privacy teams to ensure rapid containment of threats and compliance.
• Audit Readiness: Maintain comprehensive documentation of detection strategies and incident timeliness to support internal audits and external due diligence.

EDUCATION, KNOWLEDGE, SKILLS AND ABILITIES:
Required Qualifications:

• Bachelor's degree in cybersecurity, computer science or a related field with seven plus years of experience in a Security Operations Center (SOC) or with Incident Response or Threat Detection.
• Hands on tooling experience in SIEM, EDR and Cloud Security (AWS, Azure or Google Cloud Platform).
• Proficiency in scripting (Python, PowerShell or Bash) and experience with automation and/or orchestration (SOAR) tools.
• Strong analytical thinking and attention to detail when evaluating security data.
• Problem solving under pressure in a fast-paced cybersecurity environment.
• Excellent communication skills and the ability to explain technical findings to both technical and non-technical stakeholders.
• Strong ethical judgment and adherence to security policies and procedures when handling sensitive data.
• Demonstrated strong leadership qualities (critical thinking, cross-functional collaboration, communication).
• Ability to execute rapid containment strategies that minimize business disruption.

Preferred Skills:
GCIH, GCFA, GNFA, CISSP or other equivalent advanced security certifications.

WORK ENVIRONMENT/ PHYSICAL REQUIREMENTS:

• Prolonged computer usage and visual interaction with screens and dashboards.
• Must be able to remain stationary 50% of the time.
• Ability to travel 10% of the time

Company Overview

Since 1901, U. S. Steel has been a recognized leader in steel production. Today, as the first North American steel company to have declared a 2050 net-zero greenhouse gas emissions goal, we remain as innovative as ever, leading transformation across our industry while continuing to make products for everyday life - from industries as far ranging as automotive, construction, containers and packaging, appliances, and energy.

We show pride in our communities with community partnerships, corporate charitable contributions, company-sponsored employee volunteer initiatives, leadership training, and much more. And of course, we have a steadfast commitment to safety first in our workplaces and respect for our employees, who are United by Steel.

We are honored to have earned accolades and awards from well-regarded organizations, including the following:

• Newsweek's Top 100 Most Loved Workplaces 2021, '22, '23
• Human Rights Campaign Foundation's Equality 100 Award 2020, '21,'22, '23
• Disability:IN's Best Places to Work for Disability Inclusion 2021, '22, '23
• Ethisphere's World's Most Ethical Companies 2022, '23
• Military Times' Best for Vets: Employers 2023
• Mansfield Certification for progressing Diversity, Equality, and Inclusion in Legal Department: 2023

Conducting business with integrity and with the highest ethical values has underpinned U. S. Steel's success for over 100 years, and it remains critical to our company's success in the future. U. S. Steel is an Equal Opportunity Employer. It is our policy to provide equal employment opportunity (EEO) according to job qualifications without discrimination on the basis of race, color, religion, ancestry, national origin, age, genetics, sexual orientation, sex, gender identity, disability status or status as a protected Veteran or any other legally protected group status. (California residents may visit regarding collection of personal information and U. S. Steel's privacy practices.)

Competency Summary

At U. S. Steel all employees are expected to display the following core competencies every day to advance corporate, team and individual goals:

Think: Think Critically and Drive Change
Lead: Develop Talent and Collaborate
Do: Empower Performance and Deliver Results