Job Description
ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. Unless specifically stated otherwise, this role is "On-Site" at the location detailed in the job post.
Job Description
Build your best future with the Johnson Controls team
As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard – your next great opportunity is just a few clicks away!
What We Offer:
Competitive salary
Paid vacation/holidays/sick time
Comprehensive benefits package including 401K, medical, dental, and vision care
On the job/cross training opportunities
Encouraging and collaborative team environment
Dedication to safety through our Zero Harm policy
What You Will Do:
Investigate and respond to security alerts and incidents, performing root cause analysis and driving corrective actions.
Lead and support incident response efforts, coordinating across teams to contain and remediate threats.
Continuously improve detection and response processes through automation, runbook development, and SOP creation.
Identify and strengthen threat detection and prevention capabilities.
Integrate threat intelligence into operational workflows to proactively address emerging threats.
Collaborate with Security, IT, and Business teams to enhance readiness and resilience through joint response planning.
What You’ll Need to Succeed
Extensive experience in Security Operations and Incident Response, with a strong track record of handling complex incidents.
Proficiency with modern cybersecurity tools (EDR, SIEM, firewalls, WAF, identity, and cloud security platforms).
Experience operationalizing threat intelligence and developing detection strategies for evolving threats.
Strong analytical and problem-solving skills, with a focus on process rigor and continuous improvement.
Ability to drive action and influence outcomes in fast-paced, cross-functional environments.
Excellent communication and collaboration skills, with a team-first mindset and mentoring capabilities.
Auto req ID
467011BR
Minimum Education Required
High School/GED
Job_Category
Accounting
Additional Qualifications/Responsibilities
What we look for:
Required
1–3 years in a SOC, incident response, IT security operations, or adjacent role (e.g., EDR admin, blue team intern/co-op).
Experience with at least one of: SIEM, EDR/XDR, secure email gateway, cloud security tools (M365 Defender suite, Defender for Endpoint, Sentinel, Splunk, CrowdStrike, Palo Alto, Zscaler, etc.).
Familiarity with core investigation concepts: event correlation, user/host baselining, MITRE ATT&CK, common malware/TTPs, phishing indicators.
Strong communication skills—able to explain technical issues to non-technical users and document clearly and concisely.
Understanding of basic networking (TCP/IP, DNS, HTTP, VPN) and Windows/Linux fundamentals (processes, services, logs, registry, authentication).
Ability to work in a ticket-driven environment with SLAs and handoffs to an MSSP.
Inquisitive personality that lends itself to question asking and research
Preferred
Exposure to manufacturing/OT environments (ICS/SCADA basics, Purdue model, segmentation concepts, remote access risks).
Experience with SOAR workflows and playbooks; basic scripting (PowerShell, Python, KQL) for triage automation.
Knowledge of identity security (AAD, MFA, conditional access), email security, and cloud log sources.
Certifications: Security+, CySA+, Microsoft SC‑200, GSEC, or equivalent.
NOTE: This is a virtual/remote position considering candidates who reside within the United States.
HIRING SALARY RANGE: $76,000 - $105,000 (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.)
City*
Fort Worth
State*
Texas
Job Code
Operations_ Specialist
Affiliate Sponsor
Johnson Controls
