This is an environment unlike anything in the high-tech world and the secret of Costco’s success is its culture. The value Costco puts on its employees is well documented in articles from a variety of publishers including Bloomberg and Forbes. Our employees and our members come FIRST. Costco is well known for its generosity and community service and has won many awards for its philanthropy. The company joins with its employees to take an active role in volunteering by sponsoring many opportunities to help others. In 2018, Costco contributed over $39 million to organizations such as United Way and Children’s Miracle Network Hospitals.
Costco IT is responsible for the technical future of Costco Wholesale, the second largest retailer in the world with wholesale operations in twelve countries. Despite our size and explosive international expansion, we continue to provide a family, employee centric atmosphere in which our employees thrive and succeed. As proof, Costco consistently ranks in the top five of Forbes “America’s Best Employers”.
The role of each Information Security team member is to support the overarching values and business goals of Costco, including meeting legal, ethical and regulatory obligations; protecting member privacy; and maintaining a security technology environment for our operations.
This Security Analyst position will be a key member of the Cybersecurity Infrastructure – Endpoint Security team that will support, maintain, and develop tools and projects involving endpoint security technologies. The Analyst should have in-depth knowledge of endpoint security software and tools. They should have solid skills in Windows and Linux environments along with experience with working with enterprise networks. They should have experience with cybersecurity frameworks and best practices. Additionally, they will work with management and vendors for product consideration; perform auditing of information system activities; create and maintain documentation related to policies, standards and procedures; and mentor team members with lesser subject matter expertise. This will involve working with many groups throughout IT both domestically and internationally.
If you want to be a part of one of theBEST “to work for” companies in the world, simply apply and let your career be reimagined.
- Designs, implements, configures, and administers endpoint security software on all company endpoints.
- Configures, monitors, and maintains security compliance of all company endpoints.
- Works with information systems owners and administrators to understand their security needs and assists with implementing practices and procedures consistent with Costco’s security policies.
- Works with Compliance, Internal Audit, and Business teams to identify and analyze risks.
- Works with stakeholders to provide security solutions that support their business requirements.
- Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance with and in support of security standards and procedures.
- Responds to discovered security incidents by informing appropriate custodians, determining root cause, and identifying and executing remedial actions (if necessary) required to re-establish respective information system security.
- Assumes a leadership role in advocating internally and externally for compliance to security measures to protect Costco’s applications and environments.
- Builds and maintains vendor partnerships to further Costco’s mission and goals.
- Maintains current knowledge of industry trends and standards.
- One or more professional audit or security certifications such as CISA, GSEC and/or CISSP (or equivalent experience).
- Thorough experience within both Windows and Linux environments.
- Experience with Endpoint antivirus, host based firewalls, and management tools.
- Experience with Endpoint Detection & Response tools.
- Experience with File Integrity Monitoring.
- Experience with the management of whole disk encryption.
- Experience working with hybrid cloud infrastructures.
- Strong knowledge and use of Configuration Management systems such as SCCM, Puppet, Ansible, etc.
- Thorough understanding of security frameworks such as HIPAA, SOX, PCI, GDPR, CCPA, etc.
- Ability to review network diagrams and device configurations to ensure security standards are in place.
- Thorough understanding of the OSI model, as well as IPv4/IPv6 protocol suite.
- Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
- Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.
- Demonstrate a logical and structured approach to time management and task prioritization.
- Demonstrate a high level of communication skills, verbal and written.
- Participate in team activities and team planning in regards to improving team skills, awareness and quality of work.
- Responsible for continued personal growth in the areas of technology, business knowledge, and Costco policies and platforms.
- Ability to handle highly confidential information in a strictly professional manner.
- Willingness to work outside of regular business hours, as required.
- Experience with one or more scripting languages.
- A Bachelor’s degree in Computer Science or a minimum of 5 years of information systems security experience.
- Experience with one or more of the following: MDM & BYOD Security, Container Security, System Hardening, Baseline Monitoring, IoT Security.
- General knowledge of scalable multi-tier enterprise-level applications.
- Working knowledge of protocols and technologies such as SSL, SSH, SFTP, SNMP, NetBIOS, and DHCP.
- Experience performing computer forensics.
- Familiarity ITILv2/v3 processes such as Service Support, Service Delivery, or Continual Service Improvement.
- Familiarity in a DevOps or DevSecOps environment.
- Cover Letter
California applicants, please click here to review the Costco Applicant Privacy Notice.
Apart from any religious or disability considerations, open availability is needed to meet the needs of the business. If hired, you will be required to provide proof of authorization to work in the United States. Applicants and employees for this position will not be sponsored for work authorization, including, but not limited to H1-B visas.
- Address Dallas, TX, USA
- Salary Offer $50.000 ~ $100.000
- Experience Level Senior
- Total Years Experience 5-10