Security Engineer

Description :

SPS Commerce has an immediate opening for a Security Engineer who will specialize in Incident Response. In this role you will play a pivotal role in safeguarding our organization against cyber threats by detecting, responding to, investigating, and mitigating security incidents.

Based in our office in downtown Minneapolis, our hybrid work model provides the best of both worlds. We #succeedtogether through in person collaboration, balanced with remote work to provide flexibility.

Our team is typically in the office 1 day per week.

Why join SPS?

We solve retail supply chain problems by cutting through inefficiency with innovation and automation. At SPS we empower retailers, suppliers, distributors, grocers, and logistics partners to work better together with our people, our process, and our tech products.

We have the worlds largest retail network, and we dont just lead the industry, we are the industry.

At SPS, we believe every employee makes a difference. We ensure employees have the tools, resources, and training to explore new ideas and execute them.

Our success comes from playing as a team and always playing to win. Careers dont just grow here, theyre made here.

What is the day-to-day like?

• Detect and respond to security incidents promptly, utilizing SIEM, SOAR, and EDR tools to identify and mitigate threats.
• Lead incident response efforts, coordinating with cross-functional teams to contain, eradicate, and recover from security breaches.
• Conduct thorough investigations into security incidents, analyzing root causes and implementing preventive measures to mitigate future risks.
• Enhance security operations in product or cloud-native environments by integrating security practices within CI / CD pipelines.
• Develop and implement automated security processes to streamline incident response activities and align with agile development practices.
• Provide expertise in security configurations and best practices for Linux / UNIX, MAC OS, AWS, and Azure environments.
• Collaborate with development and operations teams to embed security into the software development lifecycle.
• Stay updated on emerging threats, vulnerabilities, and industry best practices to continually improve incident response capabilities.

What experience and skills do you need?

• 2 years of experience with bachelors degree in related business or technical area or 5 years of experience without a degree.
• Experience in providing technical security guidance to technical and non-technical audiences.
• Experience with security frameworks such as ISO27001, NIST CSF, NIST 800
• Experience in security operations for product or cloud-native environments, including incident detection, response, investigation, and mitigation.
• Proven track record of handling complex security incidents and managing incident response teams.
• Experience with SIEM, SOAR, and EDR that are used to detect anomalous behavior and respond.
• Understanding of and hands-on experience with Linux / UNIX, MAC OS, AWS, and Azure, emphasizing security configurations and best practices.
• Proficiency in programming languages such as Python, Go, Ruby, complemented by expertise in SQL and other database query languages.

What experience is preferred?

• Knowledge of digital forensics investigations, encompassing chain of custody, evidence procedures, investigative interviewing techniques, information management, and legal processes.
• Proficiency in implementing automated security processes in alignment with Agile development practices.
• Experience with designing incident response and security operations programs.
• Experience with software engineering and designing custom security response tools.
• Experience with maturity and gap assessments.
• GCFA, GCFR, GNFA, and / or Public Cloud Certifications.

SPS Commerce offers a comprehensive package of benefits including health, dental, vision, disability, and life insurance, paid time-off, 401(k), health and flexible spending accounts, stock purchase plan and more.

EOE including disability / veteran