Cybersecurity Engineer

CPI Security is looking to hire a Cybersecurity Engineer to join our IT Operations and Security team based in Charlotte, North Carolina. At CPI Security, we help families and businesses protect what matters most through customized security, smart home technology, and award-winning service. Founded in Charlotte in 1991, CPI has grown into the 8th largest security provider in the U.S., according to the 2026 SDM 100 rankings, while staying true to our local roots and community-focused culture. As one of the few providers that designs, installs, monitors, and services its own systems, CPI offers employees the opportunity to work with innovative technology, serve customers with care, and make a real impact in the communities we call home.

The Cybersecurity Engineer will help own security operations across detection, investigation, incident response, remediation, and continuous improvement. This is not a monitoring-only role. The ideal candidate is a hands-on security professional who can independently triage and resolve security events, tune detection tools, reduce alert noise, and partner with IT teams to strengthen CPI’s security posture. This role works across endpoint, identity, email, network, cloud, and hybrid environments to improve threat detection, incident response processes, and overall operational security.

• Own the security alert lifecycle, including triage, investigation, containment, remediation, and documentation.
• Lead and support incident response activities, including root cause analysis and post-incident improvements.
• Develop and maintain incident response playbooks, SOPs, and repeatable security processes.
• Document findings and communicate security risks to technical teams and leadership.

• Tune and optimize SIEM, EDR/XDR, IAM, email security, and vulnerability management tools.
• Improve detection accuracy, reduce false positives, and minimize alert fatigue.
• Expand threat detection coverage across endpoint, identity, network, email, cloud, and hybrid environments.
• Evaluate opportunities for automation, process improvement, and stronger operational workflows.

• Partner with IT engineering and infrastructure teams to remediate root causes and improve security controls.
• Support vulnerability management, remediation prioritization, and risk-based decision making.
• Work with hybrid infrastructure environments, including on-premises and cloud-based systems.
• Stay current on emerging threats, attack techniques, defensive strategies, and cybersecurity best practices.

• 3–5 years of experience in IT engineering, systems administration, network engineering, or a related technical role.
• 2+ years of hands-on cybersecurity experience with security alerts, investigations, and incident response.
• Experience with SIEM, EDR/XDR, IAM, email security, and vulnerability management platforms.
• Strong understanding of the incident response lifecycle.
• Knowledge of network security fundamentals, including firewalls, VPNs, IDS/IPS, SD-WAN, and segmentation.
• Familiarity with Microsoft 365 security tools and hybrid on-prem/cloud environments.
• Exposure to AWS or Azure security controls, including IAM, logging, monitoring, or detection tooling.
• Experience tuning security alerts, improving detections, and reducing false positives.
• Scripting or automation experience with PowerShell, Python, or similar tools preferred.
• Strong analytical, problem-solving, documentation, and communication skills.
• Ability to work independently in a collaborative, fast-paced environment.

• CompTIA Security+, CySA+, GSEC, or equivalent certification.
• Experience with Rapid7, Microsoft Defender, or similar security platforms.
• Exposure to security automation, SOAR workflows, or detection engineering.
• Interest in AI-driven security capabilities and emerging security operations technologies.