Engineer, Information Security (Network Security Engineer)

Your Impact

The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.

To be successful, the individual in this role must have knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.

• Lead the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures).
• Have hands-on management and configuration of physical and cloud firewalls (Palo Alto, Fortinet).
• Have cloud security design and engineering for firewalls in multiple environments (GCP, Azure, OCI).
• Have Palo Alto remote access management for both networks and users with Prisma and GlobalProtect as well as ZTNA solutions such as Axis.
• Have good knowledge of Firewall, Network, IT Compliance, and Project Management.
• Have the ability to communicate and add value to IT Infrastructure, Security, Network Architectural Design, IT Security & Compliance.
• Have strong knowledge of firewall and network infrastructure and topology.
• Have strong knowledge of firewalls, web proxy, VPN, and Network Access Control.
• Have experience with upgrading/installing firewalls and network devices.
• Assist the Information Security team in monitoring security systems, reviewing logs, and managing information security systems.
• Collaborate with other technology teams including Engineering to design and implement remediation solutions.

• Support evaluation of new security technologies that address both current and future needs based on emerging threats and industry trends.
• Keep up to date with exploits relevant to the retail sales environment.
• Solve complex architecture/design and business problems; solutions are extensible; works to simplify, optimize, remove bottlenecks, etc.
• Provide mentoring and guidance to more junior-level engineers; may provide feedback and direction on specific engineering tasks.
• Respond to escalated security issues for enterprise systems; facilitates advanced diagnosis and troubleshooting when necessary.
• Participate in the implementation of hardware and software changes into environments to ensure security requirements are met.
• Lead break/fix activities, escalating problems to senior management and/or vendors as appropriate.
• Maintain updated documentation and provide support and turnover to Security Operations teams.
• Be familiar with automation and scripting tools (Python, Ansible, etc.).

• Bachelor's degree in computer science, CIS, Engineering, Cybersecurity, or a related field (or equivalent work experience in a related field).
• 2 Years of experience in technology system support, software development, or a related field.
• 1 Year of experience with information security applications and systems

• Master's degree in computer science, CIS, Business Administration, or related field
• 1 Year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC).
• 2 Years of experience analyzing the output of industry-standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications.
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen).
• Advanced understanding of information security practices and policies.
• 2 Years of IT experience developing and implementing business systems within an organization.
• 2 Years of experience working with defect or incident-tracking software.
• 2 Years of experience with technical documentation in a software development environment.
• 2 Years of experience working with an IT Infrastructure Library (ITIL) framework.
• 2 Years of experience leading teams, with or without direct reports.
• Experience with Cloud technologies.