AppSec Jobs
← Back to all jobs

Cleveland-Cliffs

Lead IT DevSecOps Engineer

Cleveland, OHWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Cleveland-Cliffs

Cleveland-Cliffs Inc. is the largest flat-rolled steel producer in North America, with a strong focus on value-added sheet products for the automotive industry. The company is vertically integrated, managing everything from iron ore mining to steelmaking, finishing, stamping, tooling, and tubing. Headquartered in Cleveland, Ohio, it employs around 30,000 people across its operations in the United States and Canada. Founded in 1847, Cleveland-Cliffs has a rich history of growth and innovation, including significant expansions through acquisitions and infrastructure development. The company is committed to sustainability, achieving a 25% reduction in carbon emissions and emphasizing water conservation and waste reduction. Cleveland-Cliffs produces iron ore pellets, direct reduced iron, and a range of flat-rolled steel products, serving diverse markets with its comprehensive offerings.

Industry

mechanical or industrial engineering

Employees

30,000

747 engineers

Revenue

$19B

Website

Visit →

Security at Cleveland-Cliffs

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Stated AppSec Mission: Information not publicly available. Developer Enablement vs. Gatekeeping: Information not publicly available. Risk Philosophy: 'program to assess, identify and manage material risks from cybersecurity threats' – SEC 10-K (2025). Stated Pain Points or Goals: 'Lead Penetration test remediation' – Michael Mack LinkedIn.

Security Team

Org Structure & Reporting Line: The CISO 'updates the Audit Committee at least twice each year regarding our cybersecurity programs' – Cleveland-Cliffs Proxy Statement (2025). Key Public-Facing Leaders: - Michael Mack, Chief Information Security Officer (CISO) – https://www.linkedin.com/in/michaeldmack - Key Quote: 'Implemented NIST Cyber Security Framework' – Michael Mack LinkedIn. Team Size Estimate (as_of:): - LinkedIn Search Query: site:linkedin.com/in/ "Cleveland-Cliffs"AND ("security"OR "cybersecurity") - Result: Information not publicly available (exact count not verified). Active AppSec Job Postings (as_of:): - Count: 0 (No specific AppSec titles found; 1 IAM role identified). - Common Skill/Tool Patterns: 'Implement and maintain Active Directory security' – Careers Site (Job ID: 22761176).

Key Initiatives

Security Champions Program: No Evidence Found. 'Shift Left' in Practice: Information not publicly available. Vulnerability Management Process: - Intake: 'Penetration test' – Michael Mack LinkedIn. - Triage/Remediation: 'Lead Penetration test remediation' – Michael Mack LinkedIn. Secure SDLC Artifacts: Information not publicly available. Recent Initiatives (Last 6 Months): Information not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.