Listing Description
Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in fourteen countries. Despite our size and explosive international expansion, we continue to provide a family, employee centric atmosphere in which our employees thrive and succeed. As proof, Costco ranks seventh in Forbes “World’s Best Employers”.
The role of every Information Security team member is to support the overarching values and business goals of Costco Wholesale as they relate to meeting legal and regulatory obligations; protecting member, employee, and vendor privacy; and ensuring a technologically secure operating environment. Our Cybersecurity Dynamic Defense Engineers protect the integrity of Costco’s network through aggressive detection and monitoring of potentially malicious behavior and through the development and implementation of our SOAR platform.
If you want to be a part of one of the worldwide BEST companies “to work for”, simply apply and let your career be reimagined.
ROLE
- Writes detection logic for various tools.
- Develops, creates, and writes SOAR automations/playbooks with a strong understanding of python.
- Participates in documenting SOPs, playbooks, identifying and reporting potential gaps in the environment that poses an overall risk to the company, adhering to compliance and privacy standards.
- Provides consultation and guidance to users aligning to best practices while supporting customer needs.
- Builds strong relationships with business partners and sister teams across the Information Security organization while promoting diversity and inclusion amongst the team, creating trusting relationships with team members and business partners and being a SME for other engineers on collaborative teams to provide expert knowledge on an ongoing basis.
- Models Costco’s culture and values while demonstrating the aptitude and capability to learn new tools and performing responsibilities with the highest standards of ethics and integrity.
REQUIRED
- Experience with networking technologies, such as firewalls, routers, load balancers, and proxies.
- Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
- Demonstrated experience of “hands on” security knowledge of one or more of the following platforms: Windows, Linux, UNIX, AIX, or iSeries.
- Experience with Threat Modeling, security assessments, and evaluating mitigating controls.
- Experience with network-based detective controls like IDS, IPS, SOAR, and various SIEMs
- Working knowledge of the XSOAR platform, be able to write playbooks for automation
- Working knowledge of web technologies.
- Ability to quickly understand complicated data flows in order to identify and validate security requirements.
- Must be a team player and willing to establish a strong positive working relationship with all areas of the business.
- Ability to work effectively, independent of assistance or supervision.
- Innovative, creative, and extremely responsive with a strong sense of urgency.
- Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers using appropriate language, examples, and tone.
- Willing to share knowledge and assist others in understanding technical and business topics.
Recommended
- Bachelor’s degree in Computer Science or a minimum of 3 to 5 years of Information Systems security or related data processing auditing experience.
- Any of the following certs are recommended but not required: Certified Intrusion analyst (GCIAs), GIAC Certified Enterprise Defender (GCED), Certified Geographic Information Systems Professional (GISP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Security+ certification
- Familiarity with SOA governance and policy management best practices.
- Familiarity with Regulatory Compliance and industry standards, such as HIPAA, SOX, and PCI.
Dallas,TX and Issaquah,WA
Listing Details
- Salary: $130000 - $175000
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: Not Provided
- Telework: Hybrid Telecommute