Cyber Security Engineer

Overview

Join to apply for the Cyber Security Engineer role at Costco IT .

This role is part of Costco IT and focuses on improving security posture and delivering new and enhanced security capabilities for Costco BC and BD properties.

Base pay range

$130,000.00 / yr - $201,000.00 / yr

Job Duties / Essential Functions

• Provides security and technical expertise to create, implement, and support the development of security objectsincluding Fastly CDN configurations, custom VCL logic, and Terraform-managed resourcesto satisfy business requirements.
• Analyzes, builds, operates, and administers security policies to control physical and virtual system access and configurations, including on Fastly edge computing and cloud platforms.
• Identifies and investigates security issues, leveraging multiple dashboards, alerting, and configuration management, to develop security solutions that address compliance requirements and mitigate risks.
• Identifies, develops, and implements mechanisms (such as Fastly security features, custom VCL, and automated Terraform deployments) to detect security incidents in order to enhance compliance and support security standards and procedures.
• Assesses business role requirements, reviews authorization roles, and supports authorizations, including integration with edge security platforms.
• Demonstrates a comprehensive skill set with testing authorizations for multiple environments (on-premises, cloud, and edge); coordinates and conducts testing with business / technical users.
• Defines and validates system configurationsusing tools such as automated Terraform checksto ensure the safety of information system assets and protect information from intentional or inadvertent access or destruction.
• Implements best practices using information systems security standards / practices, including access control, system hardening, audit / log file monitoring, security policies, and incident handling.
• Designs and coordinates activities / engagements with cross-functional teams (loss prevention, legal, networking, DevOps), especially when deploying edge security and automation.
• Identifies security gapsincluding in CDN, WAF, and API management layersthat may expose the business to exploitation, and develops prioritized remediation with available solutions.
• Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal / external threats and data infiltrations.
• Determines strategy and protocol for network behavior, analysis techniques, and tool implementation, including the use of observability and orchestration tools.
• Identifies and resolves problems, often anticipating issues before they occur; develops and evaluates technical optionsincluding edge and IaC platformsand implements scalable, secure solutions.
• Provides subject matter expertise in systems security policies, standards, protocols, technologies, with a focus on CDN and NGWAF.
• Creates dashboards, configures alerts, and implements / supports security software platforms to monitor tools and applications.
• Identifies opportunities for streamlining and increasing effectiveness using automation, scripting, and continuous process improvement.
• Develops and documents security events and incident handling procedures into Playbooks, including scenarios involving CDN security incidents and automated remediation.
• Triages, prioritizes, investigates, and coordinates security events and incident handling activities.
• Works with internal and external auditors, providing evidence for in-scope regulatory requirements.
• Designs, configures, and maintains a range of security controls across different environments.
• Partners with stakeholders and Security Architects to identify and implement security solutions that support business requirements, leveraging automation best practices.
• Regular and reliable workplace attendance at your assigned location.
• Ability to operate vehicles, equipment or machinery.

Experience, Skills, Education & Licenses / Certifications

Required :

Recommended :

Seniority level

Employment type

Job function

Note : This refinement preserves the core content and intent of the original description while ensuring proper HTML structure and compliance with the formatting guidelines.

#J-18808-Ljbffr