Staff Security Software Engineer, Threat and Vulnerability Management - San Antonio, Tx. or Austin, Tx. at H-E-B
Since H-E-B Digital Technology's inception, we've been investing heavily in our customers' digital experience, reinventing how they find inspiration from food, how they make food decisions, and how they ultimately get food into their homes. This is an exciting time to join H-E-B Digital--we're using the best available technologies to deliver modern, engaging, reliable, and scalable experiences to meet the needs of our growing audience. If you enjoy taking on new challenges, working in a rapidly changing environment, learning new skills, and applying it all to solve large and impactful business problems, we want you as part of our team.
Our Partners thrive The H-E-B Way. In the Staff Security Software Engineer, Threat and Vulnerability Management role, that means you have a...
HEART FOR PEOPLE... you lead and motivate teams of engineers, collaborate with multiple customers within different lines of business, negotiate solutions, and provide upward communication
HEAD FOR BUSINESS... you consistently demonstrate and uphold the standards security, infrastructure, and process
PASSION FOR RESULTS... you're capable of high-velocity contributions in multiple technical domains
About our Threat and Vulnerability Management Team
The Threat and Vulnerability Management (TAVM) team is a group of Partners committed to a simple mission: Secure the best retailer in the world. Here at TAVM, we identify, mitigate, and remediate to continuously improve our company's security posture.
Our collaborative team is instrumental in cloud and on-premise security, user lifecycle management, technical sustainment, patch management, and engineering software-based solutions to reduce the repetitiveness of tasks and ensure desired states of our resources are met.
As a Staff Security Software Engineer, Threat and Vulnerability Management , you are responsible for driving the implementation of Infrastructure-as-Code practices for the deployment, maintenance, and security of various frameworks across thousands of H-E-B systems.
What you'll do (Security, Design & Development)
- Design and implement code-based solutions to solve common infrastructure security challenges
- Identify, scope, and architect solutions for new features while considering technology alternatives and all impacts / tradeoffs
- Modernize security services portfolio with a focus on self-service and automation via Infrastructure as Code and other Engineering techniques and practices; focusing on operating system frameworks
- Support our customers with a world-class attitude and a passion for secure results
- Collaborate with various infrastructure and application teams to deliver world-class digital security experiences
- Lead others to identify, scope, and architect solutions for new features while applying sound technical and security-centric judgment that considers technology alternatives, impact on affected / adjacent systems, and tradeoffs
- Coach and mentor other engineers in engineering techniques, processes, and new technologies; enable others to succeed
- Get the opportunity to stay ahead of new technologies with an eye to evaluating and potentially incorporating them into your team's architecture; introduce new technologies that have ROI / influence
- Leading best practices and securing both cloud and on-premise infrastructure security that powers our high-performance Enterprise
- Lead large initiatives within the team, including technical design / delivery of complex features across multiple systems as H-E-B improves the customer and Partner user experiences
- Recommend changes to processes and tools at the team level based on security industry standards, patterns, and practices
- Make recommendations for overall application system design, architecture, security, scalability, reliability, and performance
- Diagnose and fix complex technical and issues independently and with a team of motivated engineers
- Communicate individual and project-level development statuses, issues, risks, and concerns to technical leadership and management; research / advise technical leadership in vendor negotiations
- Create and maintain standards, practices, documentation, and training related to technology stacks, security services, and security processes.
- Support the build and deployment pipeline and when necessary, both diagnose and solve production support issues
- Recommend changes to processes and tools at the group / dept level based on industry standards, patterns, and practices
Who You Are
- An ownership mentality and a consistent track record of successful, high-quality results
- Experience with coaching, mentoring, and building partnerships with small teams of engineers
- Experienced as trusted leader who may supervise and review engineer's work.
- A track record of success leading project teams and working cross-functionally with other teams to achieve success
- Have led projects that are highly visible in an organization, overseeing responsibility for team and project decisions
- Communication skills that brings clarity to projects and ideas for teams of engineers and leadership
- A passion for customer service and digital security
- A flexible and agile approach to people and technical work
- Enjoyment learning emerging security technologies
- 7+ Years of Experience working in application development
- An understanding and established experience of common security services in support of security activities, such as: Patching, configuration hardening, antimalware, encryption and cryptography, and vulnerability assessment / remediation
- Experience with common cyber security management frameworks, such as International Organization for Standardization (ISO) 27001/2, the ITIL, COBIT, and National Institute of Standards and Technology (NIST) frameworks
- Established professional of secure system architecture, design patterns, and best practices
- 5+ years of experience implementing Infrastructure as Code mechanisms to manage technical services
- Expert knowledge and experience with scripting and software development using languages such as Python or Java
- 7+ years of experience and knowledge of CI/CD, including use of GitLab Runner and Jenkins
- 5+ years of experience with automation tools such as Terraform, Puppet, or Ansible
- Knowledge and experience with operating in Public Cloud infrastructure such as Azure, GCP, or AWS as well as on-premise private cloud and Virtual Machine server environments
- Preferred knowledge of middleware apps such as WebLogic, Apache, or Tomcat.
- Experience with common collaboration tools such as JIRA, Confluence, ServiceNow, etc.
- A related degree or comparable formal training, industry certification, and/or well-established work experience as previously stated (Cybersecurity, Computer Science, Information Systems, etc.)
- The ability to work efficiently in a fast-paced technical environment with increasing support demands and complexity
- The ability to manage multiple priorities and assigned tasks to meet deadlines and objectives that may require occasional extended work hours.
- Ability to function in a hybrid work environment, working from home and on-site to meet the needs of the team, project, and organization
- Ability to participate in rotating on-call schedules
- Ability to travel occasionally by plane or car with overnight stays