Jobs · Information Technology · New York

Sr. Security Engineer (Hybrid in Irvington, NY)

EILEEN FISHER, INC. · Irvington, NY · 1 wk ago
Information TechnologyFull-time

Summary of Duties and Responsibilities

  • Own end-to-end PCI-DSS compliance across all retail point-of-sale, e-commerce, and payment processing environments
  • Lead annual PCI assessments, QSA engagements, and remediation tracking to ensure continuous compliance
  • Maintain and enforce the cardholder data environment (CDE) scope, segmentation, and documentation
  • Coordinate PCI evidence collection, SAQ/ROC preparation, and audit readiness across all relevant systems
  • Develop, implement, and continuously improve IT security policies, standards, and procedures aligned with business strategy and frameworks (NIST CSF, CIS Controls, ISO 27001)
  • Lead the annual enterprise risk assessment process, tracking findings and driving remediation to closure
  • Establish and report on security KPIs and metrics to IT leadership and the executive team
  • Own the security technology roadmap and prioritize investments in tools, controls, and capabilities
  • Serve as the primary owner of the organization’s WAF provider relationship—managing configuration, tuning, rule sets, and escalations to protect e-commerce and customer-facing platforms
  • Monitor and respond to WAF alerts, DDoS events, bot activity, and web application threats
  • Secure payment gateways, APIs, and customer data flows in alignment with PCI-DSS and OWASP best practices
  • Partner with the e-commerce and development teams to embed security into the SDLC and deployment workflows
  • Oversee endpoint protection across all employee devices, including corporate laptops, retail POS terminals, and mobile devices
  • Manage email security, IAM, SSO/MFA (Okta, Azure AD), and privileged access controls
  • Design and deliver security awareness training to protect employees from phishing, social engineering, and insider threats
  • Enforce policies for secure remote work, BYOD, and store-level IT environments
  • Direct day-to-day security operations including network monitoring, SIEM management, IDS/IPS, vulnerability scanning, and patch management
  • Supervise incident response activities from detection through post-incident review and lessons learned
  • Manage certificate lifecycle, sensitive data handling, and encryption standards (TLS/SSL, PKI, key management)
  • Conduct and coordinate penetration testing and vulnerability management programs, tracking remediation to resolution
  • Own security controls across cloud environments (AWS, Azure) including IAM, security groups, logging, and compliance tooling
  • Collaborate with IT infrastructure teams to harden systems, enforce least-privilege, and maintain secure baselines
  • Ensure secure configurations for SaaS applications, APIs, and third-party integrations

Required Experience

  • 7+ years of progressive IT security experience, with at least 3 years in a senior or lead security role
  • Demonstrated end-to-end ownership of PCI-DSS compliance—including QSA engagement, CDE scoping, SAQ/ROC preparation, and continuous compliance across retail POS and e-commerce channels
  • Hands-on experience managing WAF platforms (e.g., Cloudflare, Imperva, Akamai, AWS WAF) including rule tuning, alert response, and vendor relationship management
  • Experience securing e-commerce environments: payment gateways, APIs, and customer data in alignment with PCI-DSS and OWASP Top 10
  • Proven experience building and managing IT governance programs—policies, risk assessments, KPIs, and security roadmaps
  • Ability to manage security across a distributed workforce including retail stores, corporate offices, and remote employees
  • Experience with cloud security across AWS and/or Azure (IAM, security groups, logging, Microsoft Defender, Azure Defender)
  • Strong knowledge of identity and access management (IAM), SSO/MFA (Okta, Azure AD/Entra ID), and privileged access controls
  • Experience with SIEM platforms, IDS/IPS, endpoint detection & response (EDR), and vulnerability management tools
  • Strong understanding of encryption, TLS/SSL, PKI, and key management
  • Scripting/automation skills in Python, Bash, or PowerShell
  • Excellent communication skills with the ability to present security risk to executive and non-technical audiences
  • Industry certifications preferred: CISSP, CISM, PCI-ISA/QSA, or equivalent

Similar jobs

Sr. Security Engineer

JobotSeal Beach, CA· 2 days ago
Information Technology$130k–$180k/yrapply on jobot.com