Senior Cybersecurity Engineer

Hampton Lumber is a thriving family‑owned company aspiring to be North America’s preferred source for responsibly‑sourced wood solutions. Headquartered in Portland, Oregon, we operate nine sawmills in Western Oregon, Washington, and British Columbia. We also manage timberland and operate a wholesale and import/export division.

Our mission is to grow, manufacture, and market renewable wood products and deliver innovative solutions for a more sustainable built environment. At Hampton Lumber, we accomplish this through our own operations as well as those of our affiliates—Trapa Forest Products, Idaho Timber, and Red Built. Our tagline, "Find a better way every day," encapsulates our commitment to innovation and improvement across all operations.

We are guided by our core values:

• Safety – Prioritize safety across all operations.
• Integrity & Authenticity – Operate honestly and ethically while preserving our distinctive family‑owned brand.
• Responsible Stewardship – Endeavor to balance and maintain economic, social, and environmental values in everything we do.
• Tenacity – Embrace challenges with grit, determination, and a can‑do spirit.
• Continuous Improvement – Strive to enhance our processes, products, and people.
• Customer Satisfaction – Be nimble, responsive, and solutions‑oriented.
• Community Engagement – Be a responsive, supportive, and respected member of the community.

With over 80 years in the sawmill business, we are proud to have cultivated the knowledge and experience needed to grow and prosper, even in challenging times. We always look to the future and invest in our people, new technologies, and continuous improvement processes and techniques.

Are you passionate about making a meaningful impact in the world of cybersecurity? Hampton Lumber is looking for a visionary Senior Cybersecurity Engineer to champion technical and operational security leadership across our multi‑company enterprise. In this influential role, you’ll report directly to the CIO and take ownership of shaping, building, and continuously enhancing our cybersecurity policies and practices. You’ll have the unique opportunity to lead incident response and investigations, drive innovation in our security posture, and collaborate with people who truly make Hampton a remarkable place to work.

In addition to a competitive salary, we offer substantial benefits:

• Medical and dental insurance premiums paid in full; mental health coverage; cost‑effective co‑pays and deductibles.
• 401(k) with 5% company contribution and generous matching contributions vested over three years.
• Paid time off, including eight paid holidays.
• Opportunity to earn bonuses.
• Employee wellness program that includes free counseling sessions, financial and legal guidance, and more.
• Opportunities for paid training to support career advancement and personal development.

• Establish, maintain, and continuously improve Hampton Lumber’s cybersecurity policies, standards, and controls across all affiliate companies, aligned with business risk and operational realities.
• Translate cybersecurity frameworks (e.g., NIST, CIS) into practical, actionable controls appropriate for Hampton’s environment.
• Partner with the CIO to define multi‑year security roadmaps, priorities, and investment recommendations.

• Serve as the technical lead for cybersecurity incident response, including detection, containment, eradication, recovery, and post‑incident analysis.
• Lead and coordinate security investigations, including forensic analysis, evidence collection, and root cause determination.
• Act as Hampton’s primary security liaison with external partners such as MSSPs, vendors, insurers, and legal counsel during incidents.
• Produce clear executive‑level incident briefings and post‑incident reports with actionable recommendations.

• Design, implement, and operate security controls across identity, endpoint, email, network, and cloud environments.
• Own and continuously improve Hampton’s security monitoring and detection capabilities (e.g., SIEM, EDR, threat intelligence).
• Drive vulnerability management, secure configuration…