Lead Security Engineer

The Engineer will work closely with the security endpoint team which is responsible for maintaining and operating services that protect externalized applications, user endpoints and databases within Bath and Body Works (BBW) infrastructure. The services we operate are of a global nature, providing service solutions to multiple business units, across the global enterprise. Thus, one of our team’s roles is to communicate efficiently with all the stakeholders and customers in different countries. The Endpoint Lead will become a member of our agile and strong team and his/her role will be to monitor, analyze, and report on those services to ensure they meet the needs of the business, function well within the BBW environment, and align with the strategic direction of the service line. The Lead Engineer will provide recommendations for improvements and optimizations based on his/her experience and analytical insight into current operations and processes.

This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following…

• Build tooling to support the endpoint security program
• Improve the security posture of BBW endpoints (Mac, Windows, Linux)
• Collaborate cross functionally to make design/strategy decisions and advocate for security improvements.
• Build and deploy endpoint protection solutions that integrate security best practices with employee needs
• Conduct research to identify threats and attack vectors and develop mitigating solutions to manage the risk
• Provide information regarding any perceived weaknesses in the security program
• Knowledge transfer and communication of designs and/or implementation plans.
• Provide services based on ISO 27001, ISMS and ITIL and Agile methodology
• Support investigations related to unauthorized activities on key assets (externally facing servers, EOL devices and “crown jewels” data)
• Participate in security incident management activities
• Implement technical and business requirements for data protection solutions, participate in project reviews, documentation processes
• Troubleshoot endpoint encryption, antivirus, and other end point security solutions
• Facilitate complex technology changes on multiple platforms with global customers
• Lead team members through technical growth, career path and other needs related to success in their role
• Provide thought leadership for team and ongoing change/transition in today’s fast paced technology environment and threat landscape
• Provide reporting and escalation support to leadership team
• Work across infrastructure teams and business segments to ensure ongoing program growth and positive impact on network security posture
• Demonstrated ability to analyze and synthesize information and make service recommendations.
• Experience of working with 3rd Party vendors
• Demonstrated ability for sound judgment with strong emphasis on quality, cost and service improvement
• Proven ability to engage with business and 3rd party stakeholders and communicate service issues in their terms
• Passionate about computer security, willingness to learn new technologies
• Basic knowledge about endpoint encryption, antivirus, firewall solutions
• Understanding of information security risks, preventative measures, and incident and threat management (preferable)
• Previous experience with team leadership and mentoring