Build your best future with the Johnson Controls team
As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard – your next great opportunity is just a few clicks away!
What we offer:
Competitive salary
Paid vacation/holidays/sick time
Comprehensive benefits package including 401K, medical, dental, and vision care
On the job/cross training opportunities
Encouraging and collaborative team environment
Dedication to safety through our Zero Harm policy
What you will do:
Investigate and respond to security alerts and incidents, performing root cause analysis and driving corrective actions.
Lead and support incident response efforts, coordinating across teams to contain and remediate threats.
Continuously improve detection and response processes through automation, runbook development, and SOP creation.
Identify and strengthen threat detection and prevention capabilities.
Integrate threat intelligence into operational workflows to proactively address emerging threats.
Collaborate with Security, IT, and Business teams to enhance readiness and resilience through joint response planning.
What You’ll Need to Succeed
Extensive experience in Security Operations and Incident Response, with a strong track record of handling complex incidents.
Proficiency with modern cybersecurity tools (EDR, SIEM, firewalls, WAF, identity, and cloud security platforms).
Experience operationalizing threat intelligence and developing detection strategies for evolving threats.
Strong analytical and problem-solving skills, with a focus on process rigor and continuous improvement.
Ability to drive action and influence outcomes in fast-paced, cross-functional environments.
Excellent communication and collaboration skills, with a team-first mindset and mentoring capabilities.
What we look for:
Required
1–3 years in a SOC, incident response, IT security operations, or adjacent role (e.g., EDR admin, blue team intern/co-op).
Experience with at least one of: SIEM, EDR/XDR, secure email gateway, cloud security tools (M365 Defender suite, Defender for Endpoint, Sentinel, Splunk, CrowdStrike, Palo Alto, Zscaler, etc.).
Familiarity with core investigation concepts: event correlation, user/host baselining, MITRE ATT&CK, common malware/TTPs, phishing indicators.
Strong communication skills—able to explain technical issues to non-technical users and document clearly and concisely.
Understanding of basic networking (TCP/IP, DNS, HTTP, VPN) and Windows/Linux fundamentals (processes, services, logs, registry, authentication).
Ability to work in a ticket-driven environment with SLAs and handoffs to an MSSP.
Inquisitive personality that lends itself to question asking and research
Preferred
Exposure to manufacturing/OT environments (ICS/SCADA basics, Purdue model, segmentation concepts, remote access risks).
Experience with SOAR workflows and playbooks; basic scripting (PowerShell, Python, KQL) for triage automation.
Knowledge of identity security (AAD, MFA, conditional access), email security, and cloud log sources.
Certifications: Security+, CySA+, Microsoft SC‑200, GSEC, or equivalent.
NOTE: This is a virtual/remote position considering candidates who reside within the United States.
HIRING SALARY RANGE: $76,000 - $105,000 (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) The posted salary range reflects the target compensation for this role. However, we recognize that exceptional candidates may bring unique skills and experiences that exceed the typical profile. If you believe your background warrants consideration beyond the stated range, we encourage you to apply. To support an efficient and fair hiring process, we may use technology assisted tools, including artificial intelligence (AI), to help identify and evaluate candidates. All hiring decisions are ultimately made by human reviewers. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at https://jobs.johnsoncontrols.com/about-us
#LI-Remote
Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.