Share this Job

Endpoint Security Engineer Job

Date: Nov 19, 2020

Location: Westborough-Home Office, MA, US, 01581

Company: BJ's Wholesale Club, Inc.

BJ's Wholesale Club was the first retailer to introduce the warehouse club concept in the northeastern United States. Today, we’re a multibillion dollar operation with more than 200 clubs in 17 states from Maine to Florida.

While our Members know us for helping them save up to 25% off grocery prices every day, our Team Members  love us for providing a supportive and engaging workplace that’s committed to developing great talent.

If you’re a motivated and enthusiastic person who enjoys working collaboratively and is committed to providing great service for our Members, we want to hear from you. BJ’s offers a fast-paced, team environment with great training opportunities and competitive salary and benefits packages to help you  succeed.



As an Endpoint Security Engineer, you will be a technical endpoint security specialist for a very diverse enterprise. You will be working with a team that is responsible for engineering endpoint security capabilities, and support of endpoint security technologies in a rapidly changing security sector in a large enterprise. The ideal Endpoint Security Engineer will be adept in learning new security capabilities, adaptable, take initiative, and be a team player. Knowledge sharing is highly encouraged.


Essential Functions:

  • Ensure endpoint security solutions, policies and emerging technology are on track to meet and respond to threats to our data and endpoint infrastructure.
  • Work with various IT teams to incorporate security requirements in deployment, platform and new tool selection processes
  • Ensure end of life compliance with various software used on the endpoints and develop a plan to retire and upgrade
  • Coordinate timely patching to keep up with security compliance
  • Review patches of criticality to apply
  • Work with cross functional teams across IT to deliver a solution that aligns across security objectives
  • Create an operations model with local IT that supports their user’s action on the workstation such as access on demand and emergency access.
  • Align endpoint Security measures with privileged access and access to applications
  • Enable reporting to create business metrics
  • Maintain a governance program to continuously audit local administrative privileges across workstations
  • Strong analytical skills to define complex identity privilege decisions

Candidate Experience:

  • Bachelor's Degree in Computer Science or similar major
  • Minimum of 3+ years’ working within the Access Control strongly preferred
  • Minimum of 3+ years of related experience in Endpoint Security preferred
  • Minimum of 5+ years’ experience in a directly related IT field preferred
  • 3+ years’ working within the Access Control strongly preferred
  • Intermediate Experience with Access Controls across a large Enterprise network including Windows, Linux, and Mac endpoints.
  • Intermediate Experience with configuring security access controls within cloud-based SaaS, IaaS, and/or PaaS platforms
  • Intermediate experience managing policies and software deployment in Crowdstrike, Netskope (CASB), and other security controls.
  • Intermediate Experience with LDAP, Active Directory, IAM, AzureAD, SAML, Azure Identity Management
  • Familiarity with modern methods of network and endpoint attacks and compromise such as MITRE ATT&CK techniques.
  • Demonstrated knowledge of standard IAM products (i.e. SailPoint, Okta, Thycotic, etc.) is a plus
  • Experience with Privileged Account Management (PAM) is a plus
  • Proven ability to work with other teams in managing complex projects
  • Proven initiative to learn and research new concepts, ideas, and technologies quickly
  • Proven ability to work in a team-oriented, collaborative environment
  • Proven ability taking a concept from idea to completion
  • Maintains a broad knowledge of emergent trends in information technology, tools, methodologies, and best practices
  • Comprehensive understanding of IT risk controls and compliance frameworks
  • Self-starter: the ability to work independently and handle multiple tasks across multiple projects and staff

please note that we are unable to sponsor visas for this opening

BJ's Wholesale Club is committed to a policy of equal employment opportunity for all qualified team members and applicants for employment without regard to race, religion, color, sex, sexual orientation, age, ancestry, national origin, physical and/or mental disability, genetic information, atypical cellular or blood trait, marital and/or familial status, pregnancy, gender identity and expression, military or veteran status, or any other characteristics protected by applicable law.

Nearest Major Market: Worcester