Information Security Engineer II at United Natural Foods Inc in Providence, Rhode Island

Job Description:

Job Overview:

The IT Information Security Engineer II is responsible for the design, implementation, and support of enterprise security solutions that align with the security architecture roadmap and meet business requirements. This role will develop and implement solutions that protect the availability, confidentiality, and integrity of UNFI systems and data. These solutions include, but are not limited to information security operations center technologies and processes, threat intelligence solutions, vulnerability management technologies, and overall security solutions such as web content filtering, forensic solutions, end point security, etc.

In additional, the IT Information Security Engineer II will review, recommend, and implement improvements to security ecosystem to evolve the Information Security program, and will provide consultative services to the technology and business teams to ensure security is integrated into all aspects of the business. The role will develop and maintain processes and procedures to run the day-to-day aspects of the Information Security team, providing after-hours support as needed.

Job Responsibilities and Accountabilities:

• • Masters in-place security applications, such as SIEM, IDS, EDR, DLP, encryption, and vulnerability management solutions that can be leveraged for data enrichment and other actions.
• • Gather business requirements, determine appropriate solutions and effectively communicate those to partners.
• • Act as a subject matter expert in technical expertise and in decision making for the resolution of problems which are highly complex and technical in nature.
• • Participate in the evaluation, selection, implementation, and optimization of enterprise infrastructure solutions to ensure alignment with the existing tech stack and scalability as the organization evolves.
• • Perform key role in deployment and ongoing maintenance and support of security tools and agents.
• • Suggest and implement improvement opportunities where available.
• • Ensure all modifications/changes are tracked and follows proper change control and SDLC processes.
• • Ensure information security issues are responded to during initial stage of project life cycle.
• • Conduct root cause analysis and communicates outcomes in a clear and consistent manner.
• • Maintain and increases knowledge of relevant technologies and applications.
• • Collaborate with internal IT team to promote automation and develop consistent technical build, implementation, and support processes.
• • Work with vendors regarding problem resolution, new products and services, to improve security solutions.
• • Under little supervision, designs, tests and maintains reporting dashboards, data models, data integrations and reporting.
• • Compile and analyze data for management reporting and metrics.
• • Perform data analysis across disparate or divergent datasets.
• • Perform other duties as assigned.

Job Requirements:

Education/ Certifications/or Equivalent combination of education training and experience:

• • Bachelor's Degree in Information Technology, Computer Science, or a related field; or the equivalent in education and work experience.
• • Recognized industry certification such as CISSP, CISA, CISM, Security+, GCFA, GCFE, etc. preferred but not required.

Experience:

• • 3 to 5 years of engineering experience within Information Security or Infrastructure
• • Knowledge of endpoint protection security tools, vulnerability management, and other security concepts preferred, but not required.
• • Experience with Amazon Web Services (AWS) or Microsoft Azure preferred.
• • Proficient with scripting in Python, JavaScript, PowerShell, PHP, or Ruby
• • Experience communicating across cross-functional teams and with senior leadership.
• • Microsoft Power BI or similar data analytics tool experience preferred, but not required.
• • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

Knowledge:

• • Moderate knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools and open-source alternatives
• • Knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus, and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
• • Knowledge and experience with Windows, Apple, and Linux operating systems
• • Knowledge and experience with Encryption at rest and in transit: CIFS / SMB / Active Directory / NTLM / Kerberos / MS domain services/windows firewall/LDAP
• • Network Security: Firewall, IPS, Anti-Bot, Sniffers, Web Application Firewalls, SIEM Solutions, Email gateways, Anti-SPAM solutions, Web Filtering, Proxy servers, Data Loss Prevention Systems, SSL offloading, balance loaders.
• • Knowledge and experience with Common Internet Protocols: IP, TCP, UDP, ICMP, FTP, SMTP, SSH, DNS, DHCP, SNMP, HTTP, HTTPS, NTP
• • Knowledge and experience with PowerShell and Python.
• • Experience with Incident Response, security appliances and other security and network technologies.

Skills/ Abilities:

• • Ability to work extremely well under pressure while maintaining a professional image and approach.
• • Action oriented and driven to achieve results in a positive manner, displaying ethical behavior, integrity, and always building trust.
• • Excellent verbal and written communication/presentation skills.
• • Project management, time management, and conflict resolution/management skills
• • Ability to set priorities and objectives, then plan and organize the team in order to meet them.
• • Effective at developing and training employees.
• • Able to deal with ambiguity and make quality decisions in a dynamic, fast paced environment.
• • Strong interpersonal and collaboration skills with the ability to interact with both technical and non-technical teams.
• • Demonstrated business acumen and the ability to apply technology solutions to solve business problems.
• • Demonstrated ability to perform under pressure and respond rapidly to incidents 24/7/365.

All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.

Apply Now