Sr. Engineer, Cyber Security

• Design and implement security solutions across network, infrastructure, endpoints, identity, and cloud environments.
• Define and enforce security standards, patterns, and best practices across IT.
• Embed security into system design, application development, and integration efforts ("secure by design").
• Partner with all IT Teams to ensure new solutions meet security requirements from the outset.
• Evaluate emerging technologies and recommend improvements to strengthen overall security posture., * Own and continuously improve incident response processes, including playbooks, escalation paths, and post-incident reviews.
• Conduct root cause analysis and ensure corrective actions are implemented and sustained.
• Simulate and test response readiness (e.g., tabletop exercises, incident scenarios).
• Drive improvements in detection coverage, response time, and overall resilience., * Support implementation of least privilege access, role-based access controls, and privileged access management.
• Assist in the rollout and governance of identity platforms.
• Ensure identity-related controls are integrated into broader security architecture and operations.
• Help drive adoption of IAM best practices across IT and business teams., * Partner closely with the managed security services provider (MSSP) to ensure effective monitoring, detection, and response.
• Establish clear accountability, service expectations, and performance metrics with the vendor.
• Continuously evaluate vendor performance and drive improvements where needed.
• Ensure seamless coordination between internal IT teams and external partners-no gaps, no duplication, no finger-pointing.
• Act as the internal owner of the relationship, ensuring services align with Holley's security priorities and risk posture., * Partner with audit and risk teams to prepare for and complete audits successfully.
• Maintain documentation of controls, processes, and evidence.
• Ensure ongoing adherence-not just point-in-time compliance., * Act as a trusted advisor across the entirety of IT
• Ensure security is fully integrated into IT processes, not operating as a siloed function.
• Enable teams to make secure decisions without slowing down delivery.
• Serve as the escalation point for complex security challenges.
• Promote a culture of shared ownership for security across IT., * Experience supporting compliance frameworks such as TISAX, SOX, ISO 27001, or NIST.
• Proven ability to translate risk into actionable technical controls.
• Strong analytical and incident response capabilities.

Do you have experience in Vulnerability management?, * 8-12+ years of experience in cybersecurity, with strong hands-on engineering expertise.

• Experience working with managed security service providers (MSSPs) or external security vendors.
• Deep experience across multiple security domains (network, endpoint, cloud, identity, application security).

Pulled from the full job description

• Health insurance
• 401(k) matching
• Paid time off
• Employee discount
• Vision insurance
• Dental insurance
• Employee assistance program, At Holley, we're more than a performance parts company-we're a community of enthusiasts, innovators, and problem-solvers. We offer a competitive benefits package and a culture that values both performance and people., * Competitive medical, dental, and vision coverage starting day one.
• 401(k) with company match
• Paid time off and 9 paid holidays
• Employee Assistance Program (EAP)
• Company-paid life and short-term disability insurance
• Employee discounts on Holley Performance Brands products, events, and partnerships
• Education Assistance program

Holley is an Equal Opportunity Employer committed to building a diverse and inclusive workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, veteran status, disability, or any other legally protected status.