IT Security Engineer

WinCo Foods

$85K — $110K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Associates degree in IT, Computer Science, or related field and 5-7 years of IT Security experience or equivalent combination of education and experience.
  • At least five years working in an enterprise technology security or engineering role.
  • Technical knowledge of Firewall, LAN/WAN configurations, VPNs, and various operating systems.
  • Experience implementing and managing enterprise security solutions like antivirus, encryption, and IDS/IPS.
  • Familiarity with security tools for penetration testing and vulnerability scanning.

Responsibilities

  • Design and implement robust security solutions for WinCo Food's technology environment.
  • Collaborate with IT teams to ensure secure data systems.
  • Identify weaknesses in security and propose upgrades or modifications.
  • Lead the implementation of new security technologies and manage vendor relationships.
  • Conduct audits and vulnerability scanning to enhance security measures.

Benefits

  • Opportunity to work within a collaborative and innovative security team.
  • Engaging company culture focused on customer service and security education.
  • Professional development opportunities and training.
  • Access to current security tools and technologies.
  • Flexible scheduling with on-call support for incidents.
Full Job Description
Overview

Job Summary

Design, implement and support information security solutions for WinCo Food's technology environment. Actively monitor current threats and counter-measures, recommend and implement improvements to security architecture and security technology. Ensure ongoing regulatory compliance and the protection of WinCo Food's payment systems, computer systems, network devices and sensitive data. Collaborate with cross-functional teams to cultivate WinCo Food's security culture. Consistently provide friendly and engaging customer service to internal and external customers. Perform related work.

Typical Duties and Responsibilities
  • Maintain an atmosphere of friendly, enthusiastic customer service with an emphasis on taking care of the customer. Provide exceptional customer service by telephone, email, and in person.
  • Work with other Information Technology (IT) teams to ensure logical and physical security of all systems and data.
  • Identify security gaps or weaknesses, and recommend solutions to reduce risk to the company.
  • Lead initiatives to implement new security solutions. Identify vendors, evaluate tools and implement the solution(s).
  • Establish vulnerability-scanning procedures and work with the necessary teams to prioritize and install patches and security fixes based upon risk and impact.
  • Act as the subject matter expert for IT Security on company technology projects lead by other teams.
  • Develop security protection goals, objectives and metrics consistent with enterprise best practices.
  • Produce periodic reports on security metrics and incidents.
  • Perform log and event analysis of systems and security technologies to identify anomalies and suspicious activity.
  • Develop monitoring and alerting for security technologies including IDS/IPS, firewall, vulnerability scanning, security logging and event management.
  • Respond to security incidents and coordinate response, containment, forensics and mitigation.
  • Conduct information security investigations and threat assessments.
  • Perform maintenance, configuration and support of IDS/IPS, firewall, web proxy, vulnerability scanning, SIEM, and other security technologies.
  • Promote security awareness across the organization through end-user training, knowledge transfer, and documentation of threats and vulnerabilities.
  • Actively research and communicate current threats and attack vectors to IT management.
  • Develop, document and update IT security procedures and policies.
  • Perform on-call support for security events.
  • Perform other projects and duties as needed and assigned.

Requirements

Education:
  • Associates degree in IT, Computer Science, or related field AND five (5) years of IT Security or Engineering experience OR equivalent combination (seven (7) years) of education, training, and/or experience demonstrating considerable knowledge of IT security.

Experience:
  • At least five (5) years direct experience working in an enterprise technology environment in a security or engineering role.
  • Demonstrating technical working knowledge of design considerations for Firewall, LAN, WAN, WLAN, VPN, Windows Server, Active Directory, DMZs, Certificate (PKI) Infrastructure, Unix/Linux, Virtual Infrastructure, and network protocols.
  • Implementing and managing enterprise security solutions such as antivirus, encryption methodologies, IPS/IDS, Web Content Filtering, Identity and Access Management, email security, and monitoring and alerting.
  • Demonstrating familiarity with security tools used for penetration testing, vulnerability scanning and forensics.
  • Implementing security best practices related to networks, servers, end-user devices and sensitive information.
  • Hands-on with log aggregation or SIEM technologies including implementation and support.
  • Understanding of cyber security concepts, principles and industry-recognized security frameworks such as ISO 27002, NIST, CIS CSC, etc.
  • Hands-on hardware and software troubleshooting.
  • Demonstrating knowledge of applicable data privacy practices and laws.
  • Exhibiting excellent customer service skills, working well with others and demonstrating professionalism and courtesy in all customer interactions.
  • Working in a team-oriented, collaborative environment.

Ability to:
  • Consistently provide friendly and engaging customer service to internal and external customers.
  • Demonstrate strong organizational skills, initiative and self-direction to effectively manage time and perform tasks to meet timelines and work quality expectations.
  • Effectively prioritize and execute tasks in a high-pressure environment.
  • Continually assess WinCo's security posture, and design and implement solutions for gaps.
  • Learn and apply new/emerging technologies and best practices.
  • Conduct research into IT security issues, products and solutions.
  • Demonstrate strong analytical and problem-solving abilities while always maintaining attention to detail.
  • Exhibit strong written and oral communication skills.
  • Be highly motivated with a passion for IT Security.
  • Communicate complex, technical, information and ideas to all levels of audiences.
  • Demonstrate excellent interpersonal skills.
  • Be on call to respond to security incidents, including evenings, weekends and holidays as required.
  • Travel up to 10% of the time.

Machines and Equipment Operated:
  • Office machines (computer terminal, copier/scanner, fax machine, telephone etc.).

Preferred Education, Experience and/or Credentials:
  • Five (5) years direct experience working with enterprise security tools, including at least 3 years of implementing and managing enterprise security tools.
  • Experience with open-source operating systems and security related tools.
  • One or more industry recognized security certification, such as CISSP, GIAC, Security+, etc.
  • One or more industry recognized technology certification, such as MSCE, CCNA, CCNP, etc.
  • Working knowledge of PCI DSS compliance framework.

The above statements are intended to describe the general nature of work performed by the employees assigned to this job. All employees must comply with Company policies and applicable laws. The responsibilities, duties and qualifications required of personnel may vary.

Similar Jobs

More Jobs at WinCo Foods

More Information Technology Jobs

Find similar IT Security Engineer jobs: