Senior Security Engineer
With over 130 store and warehouse locations and more than 7,500 associates across the U.S. and Canada, Crate and Barrel is a dynamic and growing multi-channel furniture and housewares retailer. So we can continue to help others love how they live in moments that matter, the iconic brand is looking for a driven and passionate professional to raise the bar and join our Technology department as a Senior Security Engineer located in our Northbrook, IL corporate office.
The Senior Security Engineer role is responsible for building, supporting and monitoring the security posture of the business, conducting/coordinating security control audits, identifying potential gaps/risks, and ensuring compliance risks that could compromise company information. This role maintains systems to protect data from unauthorized users. Identifies, reports, and resolves security violations. In collaboration with other members of the technology security team, this position will manage a broad set of activities, including: access control, vulnerability management, auditing, evaluating the efficiency, effectiveness and compliance of operation processes with corporate security policies and related industry regulations.
- Lead, coordinate and manage IAM program and authorizes appropriate levels of security based on user needs, guidelines and policy.
- Establish plans and protocols to protect information assets from unauthorized access, modification or destruction.
- Develop security standards and best practices to meet internal business partner’s security needs.
- Partner with technical administrators, application developers and technical peers to address questions and assist in all IT audits, IT risk assessments and regulatory compliance.
- Performs vulnerability assessments of the IT security posture within the enterprise networks, systems and software applications.
- Facilitates remediation of identified vulnerabilities, reports on findings and recommendations for corrective action.
- Oversee the security patch management program: servers and desktops.
- Analyze security breaches and policy violations to determine root cause.
- Facilitate the incident response process to ensure the appropriate urgency and discretion is used and communication is facilitated within the incident response guidelines.
- Assist in developing policies, procedures and standards that meet existing and newly developed policy and regulatory requirements including ISO 2700x, NIST, PCI, ISO.
- Assists in the preparation and presentation of training materials and communications to educate user groups.
- Bachelor’s Degree in Computer Science, Information Systems or equivalent work experience and security certifications
- 8+ years of IT data security experience
- Infrastructure experience extending across multi-applications/platforms: i.e active directory administration, Amazon Web Services, Google (G-Suite, GCP), identity management/provisioning, Linux, Mac OS X, Microsoft (Azure, Exchange, Office, SharePoint, Windows OS), Firewall Management, Security Information and Event Management (SIEM) appliances
- Strong knowledge of information security concepts and security trends and practices
- Ability to communicate effectively and work collaboratively across an organization to achieve common goals and positive results
- Able to work with a high degree of independence, integrity and confidentiality with minimal supervision
- A working knowledge of IT Security Frameworks, industry regulations, and standards, ISO, NIST, PCI and their associated security controls
- ISO2700x assessment – specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization’s risk management
- DLP, AV and anti-malware – an understanding of the tools used to protect the organization
- Prior experience with the development of information security policies and standards documents – preferred
- Prior experience with internal auditing of security controls, Meaningful Use requirements, NIST/ISO/PCI Security audits – preferred
- Ability to operate in a self-directed manner with strong project management, time management, analytical and technical problem-solving skills
- Good reading, written and verbal language skills (English)
The job description and other aspects of the job listed on this job posting should not be construed to contain every function/responsibility that may be required to be performed by an associate in this job. Associates are required to perform other related functions as assigned.
Euromarket Designs, Inc., which does business as Crate and Barrel and CB2, will be referred to as “the Company”. The Company is deeply committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please contact the location you are applying to here and ask to speak with a manager regarding the nature of your request.
The Company is an equal opportunity employer; applicants are considered for all positions without regard to race, color, religious creed, sex, national origin, citizenship status, age, physical or mental disability, sexual orientation, gender identity, marital, parental, veteran or military status, unfavorable military discharge, or any other status protected by applicable federal, state or local law.
The Company participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the US.
State / City Compliance: The Company will consider for employment qualified applicants with criminal history, including arrest and conviction records, in accordance with the Los Angeles Fair Chance Initiative for Hiring and the San Francisco Fair Chance Ordinance.
Get To Know Our Team.
Get to know us and find out why you should become part of our team.Meet Our Associates
Don’t See Anything of Interest?
Join our Talent Community to stay in the loop with our job news and opportunities.Sign Up (Opens in New Window)