Description:

Summary: As a senior member of the Cybersecurity team, this key role is responsible for designing application security solutions which enforce security consistently across internally/externally developed, commercial-off-the-shelf and cloud-based applications. This role will participate in and lead architecture and controls, design cross-group functional elements, balancing the technical, business, and compliance requirements in pursuit of risk control and reduction in the cybersecurity stance of the company and its customers. This role will provide the full lifecycle engineering for the infrastructure security environment including requirements analysis, design, development, test, implementation, maintenance, integration, and documentation. The position is responsible for having a strong knowledge of the business and technical requirements of creating and advancing next generation, forward-thinking applications. This role will conduct code review activities and work with other development and project teams to remediate any security concerns, as well as partner with external vendors to align on product strategy, address technical issues, and influence new products. This role may also mentor and assist in the development of more junior Cybersecurity Engineers. Supervisory Responsibilities: This position has no supervisory responsibilities, but may act as mentor to more junior Cybersecurity engineers Essential Functions: • Provide full lifecycle engineering for the infrastructure security environment to include everything from vendor evaluations, design and operationalization, and ongoing sustainment and support of brand initiatives to enhance overall security posture and act as advanced technical support of the business using a variety of security technologies • Create strategies, controls, and architecture specifically for desktop, workstation/endpoint, network, and mobile device security including optimization of technologies and processes for Cybersecurity Analysts. • Conduct company-wide security audits to discover potential systems, network, and process vulnerabilities, to determine security infrastructure requirements and implement security policies, procedures, and systems to remediate any gaps • Conduct security and design reviews with Development and Project Teams and develop/communicate application security design plans, provide analytical support for security policy development and analysis, provide engineering recommendations, and resolve integration and testing issues • Research and identify security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of system breach and ensure system security needs are established and maintained for operations development, systems design, incident response, disaster recover, and business continuity planning • Provide future strategic/tactical plans which affect application security environments and initiatives • Responsible for meeting with vendors to discuss product strategy, address technical issues, and influence new products and services to meet growing and changing requirements

Requirements:

Education and Work Experience Required: • Bachelor’s Degree preferred and/or combination of prior work experience in the field of software development • Minimum of five (5) years of work experience in information security Preferred: • Prior Retail Technology experience • Prior Quick Service Restaurant experience Knowledge, Skills, and Abilities: • Experience with: o Software and web application vulnerability scanning tools o Static and dynamic code analysis (e.g., IBM AppScan, HP Fortify) o High level programming languages (e.g., Java, .NET (C#), C, C++) o Web application development (e.g., ASP.NET, ASP,PHP, J2EE, JSP) o Generally accepted information security practices and regulations (e.g., NIST, ISO 27001, PCI DSS, HIPAA, SOX) o IaaS/PaaS environments (e.g., Amazon Web Services, Google Cloud Platform, Pivotal Cloud Foundry, Microsoft Azure) • Problem solving, customer service skills, strong written, verbal, and project management skills • Self-motivated and driven to go the distance with potential unhappy technology consumers • Strong desire for learning processes, procedures, and new software/hardware capabilities • Ability to work well under pressure and have great organizational and interpersonal skills • Skills to remain up-to-date based on new software development and hardware technologies • Experience with credit card technologies, back office systems, polling technologies, and audio systems would be beneficial • Base technical skills including computer operating systems, computer hardware, networks, and communication platforms are required • Word processing, spreadsheet technologies, presentation skills, and database experience necessary • Ability to rotate “on-call” for technical or service challenges escalated beyond helpdesk(s) regarding store down, critical call assistance or company user request assistance required. The rotation requires work during non-corporate business hours including nights and weekends. • Must be available for light, job-related travel

Additional Info:

Physical Demands: While performing the duties of this job, the employee is regularly required to communicate clearly, move, and remain in a stationary position. The employee must occasionally transport and/or move up to 25 pounds. The employee must regularly be able to detect, perceive, identify, recognize, judge, inspect, estimate, observe, and assess items, information, and objects in an office setting. Work Environment: The noise level in the work environment is usually moderate. #LI-JA1