This job listing has expired and the position may no longer be open for hire.

Senior Cybersecurity Engineer - Providence, RI at SUPERVALU Holdings Inc in Providence, Rhode Island

Posted in Software 30+ days ago.

Type: Full-Time





Job Description:

Who We Are

We're pioneers who every day deliver new choices that shape the foodscape. We discover what's next. Bold ideas and new possibilities that drive the industry. Better food. Better future. Our teams are a highly innovative group of talented professionals; laser-focused on making a difference and having fun while we do it.

At UNFI, we're inspired by the unexpected. We look at things like our unmatched distribution network and full-store assortment through a new lens. From gourmet and ethnic to fresh, prepared foods to specialty cheese - we cover everything in the store and your kitchen. Energizing tomorrow, guiding a healthier road ahead.

We believe that:


  • Freedom of food choice matters

  • Discovering what’s next keeps us vital

  • We’re not afraid to get our hands dirty

  • We’re here to connect food, people and the planet

  • New routes can take us anywhere

  • Scale drives our ability to positively impact lives

  • There is no limit to fresh ideas

  • Sustainability is our responsibility

A Bit About You…


  • You thrive in a fast-paced, dynamic environment

  • You wake up in the morning with a passion to inspire others to be great

  • You possess the ability to lead leaders to develop strong teams and deliver on your strategies

  • You are a natural at connecting with others and building strong relationship networks

  • You have a proven ability to leverage consumer insights to develop brand positioning

  • You understand the importance of collaboration and partnership to enable business outcomes

  • You strive to build and deliver the “big picture” strategy

  • You possess a positive mindset and often spotlight opportunities that others may overlook

Job Overview:

The Cyber Security Engineer Sr serves on the Digital Forensics & Incident Response (DFIR) team, which is responsible for security threat, event monitoring, and response in order to protect the availability, confidentiality, and integrity of UNFI systems and data. These solutions include, but are not limited to, cyber security operations center technologies and processes, threat intelligence, forensic solutions, endpoint security, etc.

The DFIR team has four focus areas, which team members are generally assigned to on a rotational basis:


  1. Security incident monitoring and response (IR)

  2. Threat Intelligence

  3. Threat Hunting

  4. Security Orchestration, Automation, and Response (SOAR) development

Regardless of assigned focus area, all team members may be called to serve during large security incidents, or be called upon to contribute their expertise to any security incidents, investigations, etc.

Job Responsibilities and Accountabilities: 


  • Researches attempted or successful efforts to compromise systems security and designs countermeasures.

  • Designs, tests and maintains SOAR application runbooks, incident templates, dashboards, reports, jobs, etc.

  • Creates security threat assessments using Kill Chain and MITRE ATT&CK methodologies, drawing on familiarity with principles of active defense.

  • Performs forensic investigations as needed and approved in support of Cyber security, HR, and Legal department needs

  • Responds and investigates potential security incidents when reported, escalated, assigned, or witnessed via any of several sources

  • Identifies intel sources, both open source and otherwise, and designs and implements monitoring of those sources.

  • Analysis of threat actors which may pose a risk to the organization / industry, and preparation and dissemination of risk profiles and threat assessments.

  • Monitoring for, and escalation of new 0-day threats

  • Ownership of threat management platform as it pertains to intel workflows. 

  • Performs system and network security audits to identify security weaknesses and vulnerabilities and reports to management.

  • Leverages security applications, such as SIEM, IDS, EDR, encryption, and vulnerability management solutions for analysis and investigation.

  • Serves as a member of the security incident response team.

  • Compile and analyze data for management reporting and metrics as directed.

  • Perform data analysis across disparate or divergent datasets.

  • Ensure information security issues are responded to during initial stage of project life cycle.

  • Conducts root cause analysis and communicates outcomes in a clear and consistent manner.

  • Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained.

  • Performs information security risk assessments and serves as the internal auditor for information security processes

  • Demonstrates expert-level knowledge and skills in the technical, process, organizational, and philosophical aspects of information technology, information security, and information risk management disciplines.

  • Coordinates penetration testing requirements, assessments, and tracks remediation of critical findings

  • Performs other relevant job duties as required.

Job Requirements:

Education/Certification:


  • Bachelor’s degree in management information systems, computer science, or related discipline is required

  • Postgraduate degrees and certificate programs in relevant areas that demonstrate analytical writing will also be considered

  • CISSP certified/qualified or ability to pursue obtaining these certifications within six months of hire

  • SANS GCIH or GCFA, CISA, CISM, or similar certification(s) are preferred but not required

Experience:


  • 3-5 years minimum experience in line with job responsibilities.  Prefer experience in one of the listed focus areas. 

  • Knowledge of, and experience with MITRE ATT&CK TTPs, and Cyber Kill Chain methodologies

  • Experience with Incident Response, Security Appliances, Web Application testing, and Vulnerability Management.

  • Experience with technologies and processes including: SIEM, EDR, VM, AV, SOAR, Firewall, IDS/IPS, Web Proxy, packet capture and analysis, forensic imaging and analysis, memory analysis

  • Knowledge and experience with Common Internet Protocols: TCP, UDP, ICMP, etc.

Skills and Abilities:


  • Flexible and adaptable to learning and understanding new technologies

  • Strong written, verbal, and interpersonal communication skills

  • Ability to work extremely well under pressure while maintaining a professional image and approach

  • Team player with proven ability to work effectively with other business units, IT management and staff, vendors, and consultants

  • Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause

  • Comfortable discussing complex findings and issues with a variety of audiences, including C-suite level

  • Self-driven and able to reach deadlines on time with minimal direction

All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.

Additional Information


  • Schedule: Full-time




