• IT
  • Anywhere


US LBM is one of the leading and fastest growing distributors of specialty building materials in the United States, with a team of over 15,000 employees located throughout the country. Since our founding in 2009, we have acquired over 70 companies and have expanded to more than 500 locations serving 37 states. US LBM is a progressive organization that promotes a unique culture that focuses on the value of its customers and associates. Developing our people is critical to our strategy and fostering our culture of empowerment.


The Cybersecurity Engineer is essential in implementing, monitoring, and maintaining security measures to protect our organization from evolving cyber threats. The Cybersecurity Engineer’s expertise in different IT domains contributes to the development and execution of US LBM’s cybersecurity strategy, working in close collaboration and following the strategic direction set by the cybersecurity architect and the Vice President for Information Security and Compliance. The Cybersecurity Engineer promotes security requirements and objectives while ensuring that security frameworks and practices do not obstruct the US LBM’s operational demands. Lastly, the Cybersecurity Engineer is a technical consultant who engages with different line-of-business (LOB) units within the organization.

Key Responsibilities:

  • Developing, implementing, and maintaining IAM systems and solutions.

  • Troubleshooting, identifying, and resolving technical IAM-related issues.

  • Ensuring that solutions protect information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss.

  • Identifying, analyzing, and resolving system design weaknesses.

  • Develop a complete understanding of US LBM’s technology and information systems.

  • Build, implement, and support enterprise-class security systems.

  • Align organizational security strategy and infrastructure with overall business and technology strategy.

  • Identify and communicate current and emerging security threats.

  • Implement and maintain security infrastructure elements to mitigate threats as they emerge.

  • Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.

  • Create solutions that balance business requirements with information and cybersecurity requirements.

  • Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable.

  • Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application.

  • Test security systems to ensure they behave as expected.

  • Use current programming language and technologies to write code, complete programming and perform testing and debugging of applications.

  • Define, implement, and maintain corporate security policies and procedures.

  • Respond immediately to security-related incidents and provide thorough remedial solutions and analysis.

  • Regularly communicate vital information, security needs, and priorities to upper management.

Required and Preferred Knowledge, Skills, and Abilities:

  • Demonstrated ability to lead security-based projects.

  • Must have technical competency in IT/Systems, combined with business acumen to understand and translate between business and technical requirements.

  • Experience and strong understanding of security frameworks and concepts, such as the Zero Trust model, the NIST Cybersecurity Framework, and the Microsoft Cloud Security Benchmark.

  • Able to support multiple efforts in parallel in a high matrix, fast-paced, multi-site organization experiencing rapid growth.

  • Proficient in performing risk, business impact, control, vulnerability assessments, and defining treatment strategies.

  • Strong interpersonal skills and a positive approach to collaboration and relationship building are required.

  • Must have excellent written and verbal communication skills.

  • Strong analytical, organizational and demonstrated problem-solving and conflict resolution skills.

  • Must be a self-starter with an attitude to "get things done” and an excellent understanding of information security concepts, protocols, industry best practices, and strategies.

  • Travel required to various operating locations along with business-related meetings & conferences.

  • Physical demands include sitting for extended periods, standing and walking, bending or stooping, and lifting to 25 pounds frequently and up to 50 pounds occasionally.

  • Lifting equipment such as PC CPUs and monitors and transporting them to various locations.

Systems Experience:

  • Microsoft Entra ID (Azure Active Directory), and solid understanding of Identity security.

  • Management of Azure Enterprise Applications, SSO Configuration, and Application Registration.

  • Microsoft Cloud Security Solutions (365 Defender, Sentinel, Defender for Cloud, Azure Policy, Defender for Endpoint, Defender for Cloud Apps, Defender for Identity, Intune, Conditional Access).

  • Microsoft Azure Resource configuration, such as Virtual Machines, Logic Apps, Automation Accounts, Storage Accounts, Powershell Scripting, and other scripting languages.

  • Window Active Directory and Windows Server Administration (Group Policy, ADUC).

  • Experience with Linux OS is a plus.

  • Experience with User Lifecycle Management is a plus.

  • Experience with Microsoft 365 is a plus.


  • Minimum Education required – Bachelor’s degree in Information Systems or equivalent experience required.

  • Minimum Experience required: 3-4 years of IT security experience.

  • Minimum 5-7 years of IT systems engineering experience, with a broad understanding of Windows Domain environment, networking, and some Cloud experience, particularly Microsoft Azure.

  • Industry certifications related to Security, Systems, and Network Engineering, such as Network +, Security +, CCNA, and Microsoft Certified Azure Security Engineer Associate (AZ500).



US LBM Holdings, LLC, is an equal-opportunity employer. We do not discriminate on the basis of race, color, religion, creed, national origin or ancestry, sex, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, gender identity, marital status, military status, order of protection status, or any other legally recognized protected basis under federal, state, or local law.

To apply for this job please visit uslbm.wd1.myworkdayjobs.com.