Location:
Plano, Texas or Chesapeake, Virgina
These roles will be HYBRID.
In cybersecurity, we help keep our diverse environments within our enterprise secure. The IT Security team is looking for a passionate cybersecurity professional who wants to make an impact in multiple environments. Dollar Tree is looking for a detailed and results oriented Information Security Engineer who will be responsible for the security of its information systems and data. She/he will collaborate with a team of cybersecurity professionals and work closely with other departments to protect the organization's digital assets, data and systems from cyber threats and breaches. This role is critical to the strategic and tactical success of Dollar Tree's cybersecurity program. As part of this team, you will be responsible for the strategic and operational success of our Security Engineering solutions and cybersecurity tool stacks.
Under the management of the Information Security Manager this individual will play a vital role in ensuring the Identity & security of all endpoints and enterprise systems at Dollar Tree. This individual will also ensure the confidentiality, integrity and availability of our data. It is a critical role in the face of an ever-evolving landscape of cyber threats and attacks. This job description serves as a general overview of the responsibilities and qualifications for an Information Security Engineer. Specific job requirements may vary depending on the organization and industry.
Principal Duties and Responsibilities
Endpoint Security:
- Develop and implement endpoint security strategies, policies, and procedures.
- Configure and maintain endpoint security tools, such as antivirus, anti-malware, allowlisting, Privileged Access Management (PAM) and endpoint detection and response (EDR) solutions.
- Support regular vulnerability assessments and patch management for endpoints.
- Investigate and respond to endpoint security incidents, including malware outbreaks and data breaches.
- Develop and enforce endpoint security standards for both on-premises, cloud services, and remote devices.
- Design, implement, and manage IAM security solutions to ensure appropriate access controls on-premises and in cloud services.
- Drive best practices in user provisioning and de-provisioning processes, including role-based access control (RBAC).
- Support multi-factor authentication (MFA) and single sign-on (SSO) solutions to enhance authentication security.
- Collaborate with application and system owners to integrate IAM solutions into various systems.
- Manage existing solutions that support validation of "machine identities" where cryptographic certificates, keys and other digital secrets are leveraged to protect connected systems in the organization.
- Ensure PAM solution is leveraged where elevated level of access is required to perform roles.
- Stay up-to-date with industry best practices, security standards, and regulatory requirements (e.g., NIST, CIS, PCI).
- Prepare and maintain documentation related to endpoint and IAM security controls and policies.
- Assist in the development and execution of security awareness training for employees.
- Contribute to the development of security governance frameworks and risk management strategies.
Minimum Requirements
- Bachelor's degree or in computer science, Information Security, or related field. Equivalent work experience can be a substitute.
- 5+ years proven IT experience with emphasis on endpoints and IAM.
- Advanced knowledge and experience with endpoint security tools (e.g. antivirus, anti-malware, Privileged Access Management, and Endpoint Detection and Response).
- Advanced knowledge with Microsoft, Linux, Mac, IoT and mobile device operating systems and services.
- Experience and deep understanding of the Active Directory environment (NTFS, NPS, ADCS, ADFS).
- Knowledgeable in authentication and authorization tools (e.g. SSO, SAML, IAM, and MFA)
- Strong understanding of Cloud Services from an IAM perspective and its implications in cybersecurity.
- Ability to develop security standards and guidelines based on best practices and industry standards.
- Excellent problem-solving and communication skills.
- Ability to work collaboratively in cross-functional teams.
- 5+ years proven experience in cybersecurity.
- Professional certifications such as CISSP, CISM, CISA, or CompTIA Security+
- Strong background with other security technologies (e.g. firewalls, IDS/IPS, honeypots, DLP and SIEM solutions).
- Proficiency in scripting and automation for security tasks (e.g., PowerShell, Python).