Share this Job

Threat Operations Engineer Job

Date: Nov 25, 2020

Location: Westborough-Home Office, MA, US, 01581

Company: BJ's Wholesale Club, Inc.

BJ's Wholesale Club was the first retailer to introduce the warehouse club concept in the northeastern United States. Today, we’re a multibillion dollar operation with more than 200 clubs in 17 states from Maine to Florida.

While our Members know us for helping them save up to 25% off grocery prices every day, our Team Members  love us for providing a supportive and engaging workplace that’s committed to developing great talent.

If you’re a motivated and enthusiastic person who enjoys working collaboratively and is committed to providing great service for our Members, we want to hear from you. BJ’s offers a fast-paced, team environment with great training opportunities and competitive salary and benefits packages to help you  succeed.

The Sr IT Security Engineer will fill a fundamental role meaningful role within Threat Operations Team with the focus on Penetration Testing, Threat Hunting, and Threat Emulations to proactively identify vulnerabilities.

This Security Engineer will also work with other security teams on architecting, implementing technologies, processes, and improvements.

 

Responsibilities include but are not limited to:

  • Create and maintain evaluation and technical testing plans to proactively identify vulnerabilities, misconfigurations, and visibility shortfalls 
  • Create set of testing capabilities that can be provided during new IT services being deployed, major changes to critical systems, and new enhancements to applications or web services
  • Strive to automate testing, documentation, and repeatability for a continuous Threat hunting program
  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services
  • Assists incident handling for the Cyber Security Incident Response Team (CSIRT). Assists with corrective action plans, audit findings and security issues, ensuring problems are resolved in an effective and timely manner.
  • Proven development of emulating known malicious actor’s common toolsets
  • Participate in third party evaluation engagements or Penetration Tests
  • Emulate top Tools, Tactics, and Procedures (TTPs) of malicious actors to proactively identify potential security posture shortfalls
  • Identify controls and logging shortfalls to Influence enhancements to the firm’s security program

 

Requirements

  • 3 to 5 years in perform evaluations that include Penetration Testing, Purple Teaming, and Vulnerability Management
  • Bachelor's Information Technology, Computer Science or related field
  • Ability to provide day to day evaluations to provide critical insight for senior leadership and strategy personnel
  • 3 years experience in conducting threat hunting initiatives and evaluating controls leveraging frameworks such as MITRE ATT&CK.
  • Capable of authoring custom evaluation plans with emphasis on identifying those that can be performed on a continuous basis, and finally identify those plans that can be automated
  • Expertise in shell scripting and other programming languages, such as Powershell and Python

please note that we are unable to sponsor visas for this opening

BJ's Wholesale Club is committed to a policy of equal employment opportunity for all qualified team members and applicants for employment without regard to race, religion, color, sex, sexual orientation, age, ancestry, national origin, physical and/or mental disability, genetic information, atypical cellular or blood trait, marital and/or familial status, pregnancy, gender identity and expression, military or veteran status, or any other characteristics protected by applicable law.


Nearest Major Market: Worcester