Sr Engineer, Information Security (Python Coding)

Your Impact
The primary purpose of this role is to support the design, implementation, and ongoing operation of information security tools and services. This includes leading the process of translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to design and implement remediation solutions. To be successful, the individual in this role must have strong knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role establishes and maintains programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.

• Lead the design, construction, and enhancement of advanced cybersecurity platforms, leveraging expert-level scripting methodologies and custom code development to ensure superior security infrastructure and resilience.
• Leads the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
• Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
• Collaborates with other technology teams including Engineering to design and implement remediation solutions
• Identifies, reports, and provides assistance during information security incidents as part of an Incident Response Team; reviews and responds to security alerts to investigate malicious activity.
• Supports evaluation of new security technologies that address both current and future needs based on emerging threats and industry trends
• Keeps up to date with exploits relevant to the retail sales environment
• Solves complex architecture/design and business problems; solutions are extensible; works to simplify, optimize, remove bottlenecks, etc.
• Provides mentoring and guidance to more junior-level engineers; may provide feedback and direction on specific engineering tasks
• Respond to escalated security issues for enterprise systems; facilitate advanced diagnosis and troubleshooting when necessary
• Provides input into security breach response procedures; helps lead security breach response activities
• Leads break/fix activities, escalating problems to senior management and/or vendors as appropriate.
• Analyzes the output of industry-standard cybersecurity tools and identifies remediations to reduce risk and exposure of applications
• Completes custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• Evaluate entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities.
• Individual Contributor

• Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work experience in a related field) and 5-7 Years 5 Years of Experience in technology system support, software development, or a related field
• 2-3 Years of Experience with information security applications and systems.
• 2-3 Years of experience in coding and scripting languages (e.g.: Python, Java, JavaScript) to develop and maintain custom scripts and platform extensions.

• Master's Degree Computer Science, CIS, Business Administration, or related field 3-5 Years 3 Years of Experience evaluating entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
• 1-2 Years 1 Year of DevOps experience
• 3-5 Years 3 Years of Experience evaluating entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
• 3-5 Years 3 Years of Experience in the custom enhancement or development of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• 3-5 Years 5 Years of IT experience developing and implementing business systems within an organization
• 3-5 Years 5 Years of Experience working with defect or incident tracking software
• 3-5 Years 5 Years of Experience writing technical documentation in a software development environment
• 3 Years of Experience working with an IT Infrastructure Library (ITIL) framework
• 3 Years of Experience leading teams, with or without direct reports
• 5 Years of Experience working with source code control systems
• Experience working with Continuous Integration/ Continuous Deployment tools
• Experience with Cloud technologies
• CISSP Certified Information Systems Security Professional
• CISM - Certified Information Security Manager
• Certified Ethical Hacker (CEH)
• PCI ISA
• Certified Information Systems Auditor (CISA)
• OSCP
• GPen