Sr. Information Security Specialist, (User Protection)

Full Time
Johns Creek, GA
Areas of Interest: Investigation, Systems Security Analysis, Systems Security Architecture
report a problem


Be part of an innovative team that has a direct impact on nearly every aspect of the Macy’s experience – our Operations & Field Services team partners with our corporate team to bring initiatives, strategies, ideas, and innovations to life through the art and science of retail management in our more than 800 stores. ... More »

Macy’s Systems & Technology is seeking a Sr. Information Security Specialist.  This is a hands-on role involving the design, deployment and support of complex Security products. The Sr. Information Security Specialist, will perform the daily operation of the in place security solutions and the identification, investigation and resolution of security events and incidents detected by those systems.
The Senior Information Security Specialist should have experience and understanding of multiple security platforms and layers including Anti-virus, Certificates, Intrusion Prevention Systems, Operating systems, Protocols. 
Macy's Systems & Technology (MST) is the information technology division of Macy's Inc. Macy's Inc. is the nation's largest operator of department stores with over 800 department store locations in 46 states. In addition, we operate major catalog and internet operations for Bloomingdale's and Macy's. Macy's Systems & Technology is headquartered in Johns Creek, a suburban setting northeast of Atlanta, Georgia. 
We offer competitive salaries, comprehensive benefits, employee fitness center and a merchandise discount.  
Key Accountabilities:
The Sr. Information Security Specialist is responsible for consultation to internal resources, defining, delivering and supporting the enterprise security architecture (certificates and key management) and ensuring its stable, operational status.
Additional responsibilities include:
  • Assist with Information Security related agent components including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion.
  • Assist with Information Security related agent components including performing investigative follow-up, assigning responsibility for corrective action, and auditing for effective completion.
  • Continues to increase knowledge by tracking and understanding emerging security practices and standards by participating in educational, social or professional opportunities and organizations and/or reading publications.
  • Collaborates with other technical leads (Network, Server, and Application), field services technicians, project managers and data center operations and technical subject matter specialists to integrate security controls into a cohesive architecture that sufficiently mitigates risk to the company.
  • Mentors and coaches other Security Analysts to provide guidance and expertise in their growth.
  • Consistently demonstrates regular, dependable attendance & punctuality.
  • Other Duties as Assigned. 
Decision Making:
The Sr. Information Security User Protection Specialist, makes decisions based on operational status and project requirements and will make recommendations to management based on actions taken, current status and potential exposure and/or risks. The Specialist will continue to be engaged with management to provide updates and status to help clarify any decision that is needed to be made about a current security incident, risk exposure or operational stability.              
  • College degree and 5-7 years of experience or an equivalent combination of education and experience.
  • Excellent written and verbal communication skills.  Ability to explain technical concepts to technical or non-technical personnel.  Ability to read, write, and interpret business and technical documents.
  • Basic math functions such as addition, subtraction, multiplication, division and analytical skills.
  • Must be able to work independently with minimal supervision.
  • This position involves regular ambulating, sitting, hearing, and talking. May occasionally involve stooping, kneeling, or crouching. May involve close vision, color vision, depth perception, and focus adjustment.  Involves use of hands and fingers for typing on keyboard and using a mouse.  May be a need to move or lift items under 10 pounds.
Skills Summary: 
  • Minimum of 5 years' experience in IT or Information Security.
  • Scripting languages such as Python and PowerShell desired.
  • Have experience with certificate and key management.
  • Knowledge or skill to consult the development and application owner community on certificates/keys
  • Knowledge of cryptography technologies and implementations of such.
  • Ability to understand, analyze and correlate security events and implement counter-measures to mitigate against intrusion attacks.
  • Maintaining security monitoring in addition to leading and analyzing security reporting.
  • Understanding of agent technologies commonly used on endpoints for protection of assets.
  • Strong knowledge of HTTP, FTP, authentication, virus scanning, web servers, certificates and key management, and TLS protocol.
  • Ability to troubleshoot certificate issues.
  • Identify common network and web site attacks such as SQL injection, cross site scripting, remote file inclusion and cookie manipulation.
  • Understanding of web applications authentication, session management, requests, form submission processes.
  • An understanding of a wide array of server grade applications to include email, DNS, SMTP, IIS, Apache, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
  • Have an understanding and working knowledge of regulatory and audit mandates to ensure environments meet PCI, FFIEC, SOX and corporate standards.
  • Ability to work a flexible schedule based on department and company needs.
Macy's is an equal opportunity employer, committed to a diverse and inclusive work environment.

Share this job:


Macy’s, Inc., with corporate offices in Cincinnati and New York, is one of the nation’s premier retailers, with fiscal 2015 sales of $27.079 billion. The company operates about 870 stores in 45 states, the District of Columbia, Guam and Puerto Rico under the names of Macy’s, Bloomingdale’s, Bloomingdale’s Outlet, Macy’s Backstage and Bluemercury, as well as the, and websites. Bloomingdale’s in Dubai is operated by Al Tayer Group LLC under a license agreement.

Visit Macy's's Social Media pages:
Company Industry: Retail
Company Type: Public Company
Company Size: 10,001+
One other job with this company: