Ck Energy Jobs (NOW HIRING)

Build the future, spark innovation and align your career with purpose.

McKinstry is innovating the waste and climate harm out of the built environment and creating lasting impact. Together, we're building a thriving planet.

Buildings are a leading contributor to the climate crisis, generating nearly 40% of total global energy-related carbon emissions. We're making a lasting impact on our industry and within our communities by addressing the climate, affordability and equity crises through:

• renewables and energy services
• engineering and design
• construction and facility services

To get where we're going, we need big thinkers, problem solvers and collaborative mindsets. Does that sound like you?               

The Opportunity with McKinstry 

We are seeking a Senior Manager, Threat Intelligence & Security Operations to serve as McKinstry's senior owner of threat intelligence, threat hunting, and security operations - a role that sits at the intersection of deep technical expertise and forward-looking security leadership. This is a critical, senior-level position responsible for directing the full threat lifecycle: from adversary intelligence collection and proactive threat hunting through incident response, SOC leadership, and post-incident remediation.

This role owns the question "are we ahead of the threat?" While the CISO sets vision and engages at the board and executive level, the Senior Manager, Threat Intelligence & Security Operations ensures McKinstry is operationally prepared: threat intelligence is current and actioned, the SOC is hunting and detecting with precision, incidents are managed with discipline, and the tooling and governance that underpin it all are continuously improving.

This role is ideal for a seasoned threat and operations leader who combines the analytical depth of a senior threat hunter with the organizational skills of a people leader - and who is ready to own one of the most consequential security functions in a growing, complex organization.

In this role, you will:

        Own McKinstry's threat intelligence program - ingesting, operationalizing, and briefing leadership on adversary activity relevant to our business and industry.

        Lead proactive threat hunting across endpoint, network, cloud, and identity environments, converting findings into durable detections.

        Direct and develop the Security Operations Center (SOC), holding the team accountable to high-quality detection, triage, and response outcomes.

        Serve as the senior technical lead during major security incidents, coordinating response across Legal, HR, Communications, and executive leadership in real time with the CISO.

        Own the security tooling stack and drive continuous improvement across SIEM, EDR, SOAR, and threat intelligence platforms.

Key Responsibilities

Strategic Security Leadership & Executive Partnership

      Partner with the CISO to shape McKinstry's threat management strategy, ensuring intelligence and operations programs are aligned to organizational risk priorities.

      Represent the threat and operations function in cross-functional leadership forums, steering committees, and executive-level discussions.

      Step in as the security operations lead when the CISO is unavailable, with authority to make operational and escalation decisions on behalf of the security organization.

      Contribute to board-level security reporting, including updates on threat posture, incident trends, SOC performance, and detection maturity.

      Translate McKinstry's business objectives and growth initiatives into threat-informed risk assessments and security investment priorities.

Core Domains of Responsibility:

This role leads the organization's threat management and security operations capabilities across the following domains:

Threat Intelligence & Adversary Profiling

      Build and maintain a mature threat intelligence program, ingesting and operationalizing feeds from OSINT, commercial, and government sources

      Develop and maintain adversary profiles mapped to the MITRE ATT&CK framework, with prioritization based on industry relevance and organizational exposure

      Deliver timely, actionable threat intelligence briefings to the CISO, Senior Leadership, and relevant technical teams

      Monitor the evolving threat landscape (ransomware groups, nation-state actors, insider threat vectors) and adjust defensive posture accordingly

Proactive Threat Hunting

      Design, execute, and document structured threat hunting missions across endpoint, network, cloud (Azure), and identity environments

      Develop and refine hunting hypotheses grounded in threat intelligence and behavioral analytics

      Collaborate with Security Engineering to convert successful hunt findings into automated detections and SIEM correlation rules

      Maintain a threat hunting library with documented methodologies, data sources, and outcomes

Security Operations Center (SOC) Leadership

      Lead and develop the Security Operations Program and team, including hiring, coaching, performance management, and career development

      Establish and enforce operational standards for alert triage, escalation, and incident handling workflows

      Drive continuous reduction in mean time to detect (MTTD) and mean time to respond (MTTR) through process improvement and automation

      Manage shift coverage, on-call rotations, and ensure 24/7 operational readiness

Incident Response & Crisis Management

      Serve as the senior technical lead and decision-maker during major security incidents and breach events working real time with the CISO

      Own and continuously improve incident response playbooks, runbooks, and post-incident review (PIR) processes

      Coordinate with the key partners and stakeholders including CISO, Legal, HR, Communications, and executive leadership during high-severity incidents

      Partner with external IR vendors and MSSP relationships as needed

Security Tooling, Governance & Engagement

      Own operational responsibility for the security platform stack (SIEM, EDR, SOAR, TIP, vulnerability management) and drive integration and automation initiatives

      Collaborate with Senior Leadership to communicate threat risk, operational security status, and investment priorities

      Support compliance, audit, and governance activities aligned to NIST, ISO 27001, SOC 2, and applicable regulatory frameworks

      Contribute to the broader security roadmap in partnership with the CISO and Security Engineering teams

What You Need to Succeed at McKinstry

You don't need to check every box below. We value significant relevant experience and encourage applicants who meet several of the qualifications to also apply. All applications will be reviewed, and the most qualified candidates will be considered for the next steps.

Experience

      10+ years of experience in cybersecurity, with 7+ years in security operations, threat intelligence, or threat hunting roles

      7+ years in a people management or team lead capacity within a SOC, CSIRT, or threat management function

      Demonstrated experience leading major incident response engagements and managing cross-functional stakeholder communication during crises

Technical Expertise

      Deep knowledge of threat intelligence platforms and operationalization (e.g., MISP, Recorded Future, Anomali, or comparable TIPs)

      Expert-level proficiency with MITRE ATT&CK framework applied to both threat hunting and detection engineering

      Strong hands-on experience with SIEM, EDR, SOAR platforms (e.g., Microsoft Sentinel, Microsoft Defender, Arctic Wolf, Fortinet, Netwrix)

      Experience with cloud security operations in hybrid environments - Azure expertise strongly preferred

      Proficiency in scripting and automation for hunting and detection use cases (KQL, PowerShell, Python, or Bash)

      Familiarity with adversarial simulation techniques (red team TTPs, purple team exercises) to validate detection coverage

Governance & Frameworks

      Working knowledge of NIST CSF, ISO 27001, SOC 2, and applicable regulatory frameworks

      Experience with Zero Trust architecture, XDR, Identity Security, and SASE concepts

Certifications (Preferred)

      CISSP, CISM, or GSOM - required or in progress

      GIAC certifications (GCTI, GCIH, GREM, GDAT) highly valued

      SANS FOR5xx series or equivalent threat intelligence / hunting coursework a strong plus

Leadership & Communication

      Proven ability to lead, develop, and retain technical security teams

      Excellent executive communication skills - able to translate threat data into business risk language for C-suite and board-level audiences

      Collaborative, cross-functional mindset with experience influencing without authority

      Some travel required to job sites, vendor meetings, conferences, or client engagements

PeopleFirst Benefits

When it comes to the basics, we have you covered:

• Competitive pay
• 401(k) with employer match and profit-sharing plan
• Paid time off and holidays
• Comprehensive medical, prescription, dental, and vision with low or zero deductible options and low out of pocket maximums

People come first at McKinstry, and we go beyond the basic benefits with:

• Family formation benefits, including adoption and IVF assistance
• Up to 16 weeks paid parental leave
• Transgender inclusive benefits
• Commuter benefits
• Pet insurance
• "Building Good" paid community service time
• Learning and advancement opportunities via McKinstry University
• McKinstry Moves onsite gyms or reimbursement for remote workers

See benefit plan documents for complete details.

If you're driven by our vision to build a thriving planet together, McKinstry is the place to build your career.

The pay range for this position is $137,880 - $240,400 per year; however, base pay offered may vary depending on job-related knowledge, skills, and experience. Base pay information is based on market location. A bonus may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered.

The McKinstry group of companies are equal opportunity employers. We are committed to providing equal employment opportunities to all employees and qualified applicants without regard to sex, gender identity, sexual orientation, age, race, color, creed, marital status, national origin, disability, veteran status, genetic information or any other basis protected by law. This policy applies to all terms and conditions of employment including, but not limited to employment, advancement, assignment, and training. This commitment to Equal Employment Opportunity is made equally as a social responsibility and as an economic and business necessity.

McKinstry is a drug-free workplace. Employment iscontingent upon successfully passing a pre-employment drug and alcohol test, complying with the requirements of the Immigration Reform and Control Act and a Confidentiality Agreement, in addition to successful outcomes of background and reference checks.

Applicants for this role will only be considered if they possess current US Work Authorization, and do not require employer-sponsored VISA support to begin or remain in this role.

#LI-NW1