
Security Engineer

Country : USA

State : Georgia

County : Fulton County

Town : Johns Creek

Category : Logistics

Contract type : Permanent

Availability : Full time

Company presentation

About:
Macy's is proudly America's Department Store. For more than 160 years, Macy's has served generations at every stage of their lives. Customers come to us for fashion, value and celebration. Now is an exciting time to join Macy's, Inc. The face of retail is changing, and change requires innovation.
Macy's Tech provides modern tools, platforms, and services to all parts of the business. Our team supports millions of customers in connected commerce across the technology hub at Macy's. Join our team to help shape the future of e-commerce and set the pace in retail technology. Whether focused on store technology, supply chain tech, application security, merchandising systems, or the mobile app - you'll have opportunities to grow your career while finding meaningful ways to make a difference.

Job description

Job Overview:

The Security Engineer will monitor and investigate normal and escalated security events to determine risk and exposure and perform additional forensics investigations to understand impact and mitigation. This position will be required to have good written and oral communication skills to present the results of the technical analysis and research of each incident or investigation.

The Security Engineer should have experience and/or understanding of multiple security platforms and layers including Anti-virus, Firewalls, Proxy servers, Intrusion Prevention Systems, Logging Correlation/management, Operating systems, Protocols and Incident Response.

Essential Functions:

  • Responds to escalated security events or incidents and implements countermeasures to reduce and/or mitigate further exposure.
  • The Analyst performs triage on events which are reported by various detection devices to filter out things such as false positives and known accepted activities.
  • Leads and manages security investigations from discovery to resolution and works as an incident response manager for each security incident.
  • Creates reports to display trends and overall statistics based on correlated security incidents and event data to produce monthly exception and management reports.
  • Creates and implements standard operating procedures and processes to help streamline investigations, daily monitoring, and analysis research to ensure all analysts are effective and following the same guidelines.
  • Understands incident response methodologies and assists with coordinating security incidents.
  • Resolves high impact and/or complex, chronic or cross-functional problems.
  • Ability to explain technical concepts to technical or non-technical personnel.
  • Ability to identify common network and web site attacks such as SQL injection, cross site scripting, remote file inclusion and cookie manipulation.
  • Ability to decode and understand traffic flow at packet level traces (skilled with TCPDUMP, PCAPs, traffic generators, etc.).
  • Ability to perform IDS / IPS real-time monitoring analysis and/or network forensics.
  • Knowledge or skill to create correlation rules to detect threats.
  • Ability to understand, analyze and correlate security events and implement counter-measures to mitigate against intrusion attacks.
  • Maintaining security monitoring and reporting appliances in addition to leading and analyzing security reporting.
  • Experience using SIEM technologies.
  • Knowledge of TCP/IP, HTTP, FTP, cookies, authentication, virus scanning, web servers, SSL/encryption and reporting packages.
  • An understanding of a wide array of server grade applications to include Lotus Notes, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
  • Understanding of host-based FIM (File Integrity Monitoring) solutions.
  • Experience with identifying/blocking phishing emails and campaigns.
  • Working knowledge of endpoint detection tools (Malware Protection/EDR).
  • Working knowledge of Intrusion Prevention Systems/Technologies.

Profile

Qualifications and Competencies:
  • Bachelor's degree or 1-3 years of experience in IT or Information Security preferred.

  • Excellent written and verbal communication skills.

  • Ability to create detailed and/or focused documentation, reports or standard procedures.

  • Instructs users on advanced features/functions of business and multiple applications software.

  • Writes clear problem descriptions and instructions to aid other individuals or groups in problem duplication and resolution.

  • Basic math functions such as addition, subtraction, multiplication, division, and analytical skills.

  • Must be able to work independently with minimal supervision and make sound decisions.

  • Have an understanding and working knowledge of regulatory and audit mandates to ensure environments meet PCI, FFIEC, SOX and corporate standards.

  • Understanding of web applications authentication, session management, requests, form submission processes.

  • Ability to work a flexible schedule based on department and company needs.

