Senior Information Security Engineer – 23010044

Job Expired

About the job


The Senior Information Security Engineer guides various information systems initiatives, projects, and systems to provide a secure computing environment. Provides design recommendations for new information security and information systems deployments and products and is an escalation point for third level support.

    • Interfaces between security policymakers and Information Technology Services teams.
    • Assists with the design and deployment of business and technology solutions throughout the business.
    • Determines security requirements for the enterprise (including new and existing deployments).
    • Creates and maintains security policy as required.
    • Performs risk assessments of new hardware and software deployments.
    • Evaluates changes to major infrastructure, identifies issues and provides remediation plans as required.
    • Works with outside vendors to evaluate and recommended technologies.
    • Develops and maintains security processes.
    • Evaluates security posture of projects throughout the enterprise from conception to deployment.
    • Assists in conducting information security assessments and risk analysis of computing environment and in managing remediation efforts with Information Technology organization when vulnerabilities are identified.
    • Performs and maintains compliance efforts with various laws and industry regulations including Payment Card Industry Data Security Standards (PCI-DSS), Sarbanes-Oxley (SOX) and HIPAA and Big Lots Information Security Policies.
    • Reviews application design and develops and recommends remediation plans as required.


    • Bachelor’s Degree in in computer science or related field or equivalent experience required.
    • Minimum of six years of experience in an Information Technology field with at least three years in an information security function required. Experience in a retail company preferred.
    • System design and architecture experience required.
    • Systems administration and/or network/data communications experience required.
    • Experience conducting security assessments and knowledge of Windows and Linux operating systems required.
    • Experience with software development or background with writing automated scripts required.
    • Direct experience with anti-virus software, intrusion detection, firewalls and content filtering required.
    • Knowledge of risk assessment tools, technologies and methods required.
    • Experience designing secure networks, systems and application architectures required.
    • Knowledge of disaster recovery, computer forensic tools, technologies and methods required.
    • Experience planning, researching and developing security policies, standards and procedures required.
    • Professional experience in a system administration role supporting multiple platforms and applications required.
    • Ability to communicate network security issues to peers and management required.
    • Ability to read and use the results of mobile code, malicious code, and anti-virus software required.
    • Strong understanding of endpoint security solutions including File Integrity Monitoring, Data Loss Prevention, Anti Virus, Next Gen Malware Protections and application Whitelisting required.
    • Knowledge of core internet and network protocols preferred (e.g., TCP/IP, DNS, SMTP, HTTP etc.) required.
    • Demonstrated strong interpersonal skills with the ability to develop alliances with key stakeholders preferred.
    • Ability to work extended hours, drive an automobile and travel as required.
    • OSCP, CCNA, CCIE, CASP or CISSP certifications preferred.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws.

More Information

  • This job has expired!

Leave your thoughts

Share this job