Security Engineer - Vulnerability Management

As a family company, we serve people and communities. When you work at Meijer, you’re provided with career and community opportunities centered around leadership, personal growth and development. Consider joining our family – take care of your career and your community!

 

Meijer Rewards

• Weekly pay

• Scheduling flexibility

• Paid parental leave 

• Paid education assistance

• Team member discount

• Development programs for advancement and career growth

 

Please review the job profile below and apply today!

The Information Security Engineer is considered a security subject matter expert and is adept at implementing proactive measures to identify, assess, prioritize and remediate vulnerabilities across diverse IT environments, ensuring robust protection against potential threats and minimizing security risks effectively. This position analyzes and supports the information security environment, contributes to requirements and assists in the development of measures, processes and systems to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Confers with team members, management, development personnel, risk assessment staff, auditors, facilities and security departments and other relevant personnel to identify and implement security plans for data, software applications, hardware, telecommunications, and computer installations. Contributes to research on and development of methods of implementing and enforcing security policies. Advises resource owners on formation of appropriate security policies.

What You'll be Doing:

• Defines, communicates, and monitors compliance of security checks and balances that are to be followed at each step of solution development and delivery processes.
• Develops and provides presentations as necessary for ITS team members, project and program leaders, ITS leadership, business customers and leadership and Senior/Executive level leadership on security topics and threat landscape.
• Performs regular assessments of solutions and architecture in conjunction with the Risk Evaluation group.
• Performs and leads others in security evaluations of sensitive applications/solutions.
• Ensures third party products properly address security (privacy requirements etc.).
• Ensures latest security controls exist on legacy solutions.
• Provide information to ITS, business, project, program and portfolio leaders to enable sound business decisions.
• Provides security focused technical consulting on business projects or system issues.
• Assists with the development of key business relationships and integration activities with other ITS departments, business areas, and/or vendors to ensure successful implementation and support of project, program and portfolio efforts.
• Utilizes knowledge of industry best practices for project and portfolio management, budget, Methodology and/or IT resource management to recommend and implement necessary changes.
• Relies on extensive experience and judgment to plan and accomplish objectives.
• Anticipates and creates/recommends technical options to support IT operations.
• Provides leadership skills within team and across IT organization.
• Leads and directs the work of others across IT organization on application security focused objectives.
• Ensures quality assurance standards and strategies are applied.
• Consults with, mentors and coaches ITS and business team members and leadership, project and program managers and vendors on patch hygiene, device and software lifecycle, concepts, processes and tools.
• Provides project management, portfolio, budget, and/or IT resource management standards communication to ITS team members, business customers, senior leadership and/or vendors.
• Develops and provides presentations as necessary for ITS team members, project and program leaders, ITS leadership, business customers and leadership and Senior/Executive level leadership.
• This job profile is not meant to be all inclusive of the responsibilities of this position. May perform other duties as assigned or required.

​What You Bring with You (Qualifications):

• Bachelor’s degree in Computer Science, Computer Information Systems, Business Information Systems, Engineering, Information Security, or related discipline or equivalent work experience and technical training is required.
• Industry certifications, including one or more of the following: CISSP, CISA, CISM, SANS GIAC, or other industry specific certification.
• Master's degree is preferred.
• 5+ years of experience in ITS Security, vulnerability management, threat assessment.
• Familiarity with information security standards, including NIST, COBIT, ISO 27001, ITIL.
• Has extensive experience working and coordinating multiple simultaneous projects and programs, including those that are outsourced (vendors, consultants and/or contractors) and cross-functional.
• Previous technical lead experience preferred.
• Experience with structured design, development, and implementation of new and established computing architectures.
• Strong technical knowledge, with hands-on experience managing systems development in new and established computing architectures and environments- Knowledge of relevant technology, tools, databases, and development techniques is critical.
• Excellent written and verbal communication skills.
• Excellent project management, organization, and team collaboration skills.
• Excellent facilitation, collaboration, negotiation, and presentation skills.
• Ability to anticipate risks and devise solutions in the moment .
• Comfortable with ambiguity, frequent change, or unpredictability.
• Curiosity to learn and understand business objectives, and how IT strategy enables them In depth understanding of project management concepts.
• Possesses good follow-through, administrative and organizational skills, is able to multi-task and has strong interpretation skills for the review of reports and data from all areas of the company.
• Possesses ability to define methods to measure processes and standards, and has an independent and innovative orientation.
• Able to work cross-functionally across ITS and the business areas, and with all levels of Meijer team members, project leads, management and vendor partners.
• Adaptive, flexible and responsive to challenges, change and customer business cultures.

We are committed to offering competitive pay that reflects market standards and ensures consistency within our organization.

The pay range for this position is listed below.

$100,000.00 - $156,000.00

This pay range represents the minimum and maximum base pay for the position, which is determined by factors such as market data, the qualifications required, the level of responsibilities associated with the role and other roles at this same level. Your specific pay rate within this range will be based on your experience, qualifications, and skills compared to the internal team you’ll be joining.

We offer a comprehensive benefits package that includes medical, dental, vision, life insurance, a 401(k) plan with employer match, disability leave, and paid time off (PTO). In addition to these core benefits, we are committed to supporting your overall well-being and career growth. Our offerings include a variety of programs designed to support your personal and professional development, such as paid parental leave, paid education assistance (including free education), a childcare subsidy and more. We are dedicated to creating a work environment that promotes work-life balance, long-term health and financial security, and continuous professional development