Senior Information Security Engineer

What You Need To Know

Open the door to a groundbreaking tech career with an industry leader. Southern Glazer’s Wine & Spirits is North America’s preeminent wine and spirits distributor, as well as a family-owned, privately held company with a 50+ year legacy of success. To create a new era in alcohol beverage sales and service, we’re heavily invested in the most transformative new technologies – and the most brilliant tech professionals. Southern Glazer’s was named by Newsweek as a Most Loved Workplace and is included on the Forbes lists for Largest Private Companies and Best Employers for Diversity.

As a full-time employee, you can choose from a full menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition reimbursement, a wellness program, parental leave, vacation accrual, paid sick leave, and more.

We offer continuous learning and career growth in a fast-paced environment where you are respected, your voice is heard, and technology is part of our strategy for success. If you’re looking to fill your glass with opportunity, come join our FAMILY.

Overview

The Senior Information Security Engineer is responsible for assisting with evaluating, implementing, maintaining, and assessing security solutions and infrastructure. Responsibilities involve conducting threat modeling, pinpointing process inefficiencies, and collaborating with both internal and external teams to resolve challenges identified through incident response, assessments, and penetration testing. Coordinate operational and support activities for enterprise-wide security issues encompassing resource allocation and the management of problems and solutions. Communication skills are a must for this position.

Specialized Skills and Technologies

• Excellent teaching, problem-solving, communication, and interpersonal skills
• A solid understanding of networking, systems, and security related technologies
• Able to build and maintain relationships, provide mentorship, and present ideas in an effective manner
• Basic knowledge of scripting languages – Python, PowerShell, Bash, etc.
• Proven experience responding to incidents in an Enterprise environment
• Experience managing endpoint security in an Enterprise environment
• Practical experience working with SIEM solutions in an Enterprise environment
• Working experience in Linux, Windows, and MacOS is a plus
• Strong understanding of eDiscovery and Forensic processes used in Incident Response
• Strong foundation in performing Incident Response
• Able to analyze and respond to threat intelligence data
• Knowledge of common attack techniques and tactics used by threat actors
• Strong communication and decision-making skills
• Strong ability to influence others
• Proven ability to analyze and solve problems with excellent attention to detail
• Strong team player who can work across multiple functions and disciplines

Primary Responsibilities

• Evaluates and implements security technologies to fortify organizational defenses and enhance overall security posture
• Directs and participates in Information Security projects and supports team efforts for day-to-day operations
• Assists in the investigation of security-related events
• Assists with computer forensic and eDiscovery requests as needed
• Assists with follow-up on alerts received from user-reported email and security tools
• Manages and monitors the EDR solution and responds to threats in the environment
• Performs proactive and continuous threat hunting activities to detect and mitigate potential security threats with a focus on maintaining a robust security posture
• Designs comprehensive incident response playbooks ensuring well-structured and effective responses to security incidents
• Serves as a member of the team and as a mentor to other Information Security team members as needed
• Assesses the current Information Security program and makes recommendations regarding improvements
• Aggressively automates repeated tasks to allow the team to scale with the organization’s growth
• Serves as a member of the team in a technical role
• Serves as a subject matter expert inside of SGWS and assists with complex issues pertaining to Information Security as needed
• Participates in on-call rotation

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP)
• GIAC or Offensive Security Certifications – GPEN, GCIH, GREM, OSCP, etc.
• Experience in both red team and blue team operations demonstrating expertise in offensive and defensive security strategies
• Experience in Computer Forensics and eDiscovery
• Experience with cloud security technologies and platforms
• Familiarity with scripting and automation to enhance security operations
• Experience with security frameworks and standards

Minimum Qualifications

• 7 or more years of work experience in IT
• 3 or more years of experience evaluating, implementing, and managing security solutions in an enterprise environment
• 2 or more years of experience of utilizing threat intelligence tools and frameworks
• 2 or more years of hands-on experience with an enterprise SIEM solution
• 2 or more years of hands-on experience utilizing Email security platforms
• 2 or more years of utilizing EDR in an enterprise environment with experience in platform management to include deployment and configuration
• 2 or more years of hands-on experience actively leading and conducting threat hunting operations
• Proven experience in managing security incidents and coordinating with internal and external stakeholders
• Ability to identify and mitigate potential security threats across diverse environments
• Must have a deep understanding of Windows and Linux operating systems
• Must be willing to participate in an on-call rotational schedule
• Deep understanding of network security, endpoint security, and application security principles
• Continually follow the threat landscape to stay on top of the latest vulnerabilities
• Ability to work effectively with technical and non-technical personnel in a cross-functional setting
• Good verbal/written communication skills
• Self-starter/motivated
• Strong attention to detail
• Strong team player who can work across multiple functions and lead peers
• Establishes and communicates clear priorities and sense of direction
• A good listener and collaborator who partners closely with others
• Ability to communicate complex security concepts in a clear, fluent, and concise manner to both technical, and non-technical audiences
• Exceptional written, verbal and presentation communication skills

Agile Delivery Values

• Openness – Team and stakeholders agree to be open about all work and challenges 
• Commitment – Personally commit to achieving the goals of the team 
• Respect – Respect your team members to be capable and independent 
• Courage – You have courage to do the right thing and work on tough problems 
• Focus – Everyone focus on the work in the sprint and the goal of the scrum team.  Rise and fall as a team 

Physical Demands

• Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or mobile device
• Physical demands with activity or condition may occasionally include walking, bending, reaching, standing, squatting, and stooping
• May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs

EEO Statement

Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.  Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees.  Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.