Areas of Interest: Incident Response, Investigation, Software Assurance and Security Engineering
Be part of an innovative team that has a direct impact on nearly every aspect of the Macy’s experience – our Operations & Field Services team partners with our corporate team to bring initiatives, strategies, ideas, and innovations to life through the art and science of retail management in our more than 800 stores. ... More »
At Macy’s, we’re moving fast—we’re at top speed to become America’s premiere omnichannel retailer. Macy’s technology hub, Macy’s Systems and Technology (MST) strives to set the pace by providing seamless and compelling shopping experiences for our Macy’s and Bloomingdale’s customers. MST is creating innovative technology solutions to support these experiences and define the future of retailing.
Macy’s Systems & Technology is seeking a Sr. Information Security Operations Engineer. This is a hands-on role involving the design, deployment and support of complex Security products. The Senior Information Security Operations Engineer will perform the daily operation of the in place security solutions and the identification, investigation and resolution of security events and incidents detected by those systems. The selected Engineer should have experience and understanding of multiple security platforms and layers including Anti-virus, Firewalls, Proxy servers, Intrusion Prevention Systems, Logging Correlation/management, Operating systems, Protocols and Incident Response.
The Sr. Information Security Engineer is responsible for defining, delivering and supporting the enterprise security architecture and ensuring its operational status.
Additional Duties Include:
- Assist with incident response including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion.
- Continues to increase knowledge by tracking and understanding emerging security practices and standards by participating in educational, social or professional opportunities and organizations and/or reading publications.
- Collaborates with other technical leads (Network, Server, and Application), field services technicians, project managers and data center operations and technical subject matter specialists to integrate security controls into a cohesive architecture that sufficiently mitigates risk to the company.
- Mentors and coaches other Security Engineers to provide guidance and expertise in their growth.
- Consistently demonstrates regular, dependable attendance & punctuality.
- Other Duties as Assigned.
- Minimum of 5 years' experience in IT or Information Security.
- Have experience with LogRhythm or other SEIM technology (HP ArcSight/Mcafee Nitro Security).
- Knowledge or skill to create AIE and/or correlation rules to detect threats.
- Able to create daily reports and understand alerting workflow processes.
- Ability to understand, analyze and correlate security events and implement counter-measures to mitigate against intrusion attacks.
- Maintaining security monitoring and reporting appliances in addition to leading and analyzing security reporting.
- Understanding of Incident response methodologies and assist with coordinating security incidents.
- Strong knowledge of TCP/IP, HTTP, FTP, cookies, authentication, virus scanning, web servers, SSL/encryption and reporting packages.
- Ability to decode and understand traffic flow at packet level traces (skilled with TCPDUMP, PCAPs, traffic generators, etc.).
- Identify common network and web site attacks such as SQL injection, cross site scripting, remote file inclusion and cookie manipulation.
- Understanding of web applications authentication, session management, requests, form submission processes.
- An understanding of a wide array of server grade applications to include Lotus Notes, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and Others.
- Experience with a host based FIM (File Integrity Monitoring) solution (Tripwire or similar).
- Working knowledge of Juniper SSL VPN Appliances (SA6500).
- Experience or working knowledge of Cisco ACS (Tacacs).
- Experience or working knowledge of BlueCoat ProxySG, Director, Reporter, Proxy AV, Content Analysis and/or Malware Analysis appliances.
- Experience or working knowledge of FireEye or other Malware/Sandboxing technologies.
- Working knowledge of RSA SecurID Token environments.
- Experience or working knowledge of Cisco Routers and switches.
- Ability to perform IDS / IPS real-time monitoring analysis and/or network forensics.
- Working knowledge of Check Point Firewalls R75, R76, R77 including Provider-1 and MDS environments.
- Experience or working knowledge of Cisco ASA 5500 series and FWSM Firewalls.
- Working knowledge of Enterasys IDS/IPS and Behavior Flow Appliances and the SEIM/DSCC consoles.
- Have an understanding and working knowledge of regulatory and audit mandates to ensure environments meet PCI, FFIEC, SOX and corporate standards.
- Bachelor's degree and 5-7 years of experience or an equivalent combination of education and experience.
- Excellent written and verbal communication skills. Ability to explain technical concepts to technical or non-technical personnel. Ability to read, write, and interpret business and technical documents.
- The Sr. Information Security Operations Engineer makes decisions based on operational status and project requirements and will make recommendations to management based on actions taken, current status and potential exposure and/or risks.
- The Engineer will continue to be engaged with management to provide updates and status to help clarify any decision that is needed to be made about a current risk exposure or operational stability.
- Basic math functions such as addition, subtraction, multiplication, division and analytical skills.
- Must be able to work independently with minimal supervision.
- This position involves regular ambulating, sitting, hearing, and talking.
- May occasionally involve stooping, kneeling, or crouching.
- May involve close vision, color vision, depth perception, and focus adjustment. Involves use of hands and fingers for typing on keyboard and using a mouse.
- May be a need to move or lift items under 10 pounds.
- Ability to work a flexible schedule based on department and company needs.
Macy's Systems & Technology (MST) is the information technology division of Macy's Inc. Macy's Inc. is the nation's largest operator of department stores with over 800 department store locations in 46 states. In addition, we operate major catalog and internet operations for Bloomingdale's and Macy's. Macy's Systems & Technology is headquartered in Johns Creek, a suburban setting northeast of Atlanta, Georgia.
Our headquarters in Johns Creek, GA—in suburban Atlanta—offers outstanding neighborhoods and top ranked schools, and is part of a thriving business and technology sector found in Atlanta's North Fulton County.
We offer competitive salaries, comprehensive benefits, employee fitness center and a merchandise discount.
Macy's is an equal opportunity employer, committed to a diverse and inclusive work environment.