Jobs · Information Technology · Washington

Incident Response Security Engineer

Costco IT · Seattle, WA · 2 mo ago
Information TechnologyFull-time

About the role

The Costco IT department is responsible for securing the technology infrastructure of Costco Wholesale, a global retailer with operations in fourteen countries. As a Security Engineer, you will play a crucial role in protecting the company's assets from cyber threats.

Responsibilities

  • Develop, design, implement, and integrate security systems to safeguard enterprise assets.
  • Analyze and administer security policies to control physical and virtual system access.
  • Identify and investigate security issues and develop solutions addressing compliance requirements.
  • Assess business role requirements, review authorization roles, and support authorizations.
  • Create and run commands and execute scripts; communicate with stakeholders during event troubleshooting and research.
  • Build relationships and partnerships with key stakeholders to build secure solutions that protect data and enable the business.
  • Collaborate with other Cyber Security team members, serve as a SME for security operations for multiple technologies, and collaborate with business partners.
  • Provide subject matter expertise in systems security policies, standards/practices, protocols, and technologies.
  • Implement best practices when applying knowledge of information systems security standards/practices.
  • Monitor, analyze, and remediate cybersecurity events by adhering to defined security operating procedures (SOPs).
  • Triages, prioritizes, investigates, and coordinates security events and incident handling activities.
  • Design, configure, and maintain various degrees of security.
  • Model compliance with company policies and procedures and support company mission, values, and standards of ethics and integrity.

Requirements

  • 10+ years in Information Security, including 5+ years in SIEM and 5+ years in Incident Response/Threat Hunting.
  • Certified in GREM, GCIA, GCIH, CISSP, GISP, GCWIN, GCFA.
  • Expertise with SIEM and Log Analytics, SOAR, R policies and procedures.
  • Demonstrated knowledge of application security controls, common vulnerabilities, and penetration testing methodologies.
  • Strong understanding of network security architecture concepts including topology, protocols, components, and principles.
  • Proficient in Google Workspace applications, including Sheets, Docs, Slides, and Gmail.

Qualifications

  • Bachelor's degree in Computer Science or Computer Security/Forensics.
  • Experience with scripting in Python, PowerShell, or similar language.
  • Knowledge of the MITRE ATT&CK Matrix.
  • Ability to parse and manipulate data for normalization or easier representations.

Skills

  • Security Engineering
  • Incident Response
  • Threat Hunting
  • SIEM
  • SOAR
  • Network Security
  • Application Security
  • Penetration Testing
  • Python/Powershell Scripting
  • MITRE ATT&CK Matrix
  • Data Normalization

Benefits

Comprehensive benefits package including paid time off, health benefits, health care reimbursement account, dependent care assistance plan, short-term disability and long-term disability insurance, AD&D insurance, life insurance, 401(k), stock purchase plan, and more.

Pay

Level SR - $150,000 - $190,000, Bonus and Restricted Stock Unit (RSU) eligible
Level Staff - $180,000 - $225,000, Bonus and Restricted Stock Unit (RSU) eligible

Schedule

Full-time position.

Similar jobs

Incident Response Engineer

Accenture Federal ServicesArlington, VA· 2 wk ago
Engineering$106k–$221k/yrapply on boards.greenhouse.io