[ref. p807800] Sr. Staff Information Security Engineer

About Blackhawk Network:

Learn more at BHN.com.

Overview:

The Senior Staff Information Security Engineer will be responsible for driving the technical security strategy, implementing security best practices, and supporting the development of secure systems across all infrastructure. The ideal candidate should have extensive knowledge of security technologies, risk management, and incident response, as well as the ability to collaborate effectively with other teams to identify and mitigate security threats.

Responsibilities:

Application Security Architecture and Engineering:

• Design and implement secure application architectures, ensuring security is embedded throughout the software development lifecycle (SDLC).
• Collaborate with development teams to integrate security controls into applications, services, and microservices.
• Establish and enforce secure coding standards, practices, and guidelines across the development teams.
• Provide guidance on the selection and implementation of security tools and technologies to secure applications, APIs, and web services.

AWS Cloud Security Architecture and Engineering:

• Design, implement, and maintain a secure AWS cloud infrastructure in line with security best practices and industry standards.
• Develop and enforce security policies, controls, and frameworks for securing AWS environments, including EC2, S3, RDS, Lambda, VPC, IAM, and other AWS services.
• Integrate AWS-native security tools (e.g., AWS Shield, GuardDuty, Macie, Config, CloudTrail) into the security operations pipeline.
• Work with teams to deploy infrastructure as code (IaC) securely using AWS CloudFormation, Terraform, or other automation tools.

Identity and Access Management (IAM):

• Oversee the design and implementation of strong identity and access management (IAM) practices within AWS, including the use of least privilege, multi-factor authentication (MFA), and role-based access controls (RBAC).
• Lead the creation and management of IAM policies, roles, and permissions across AWS accounts to limit exposure and mitigate risks.
• Implement and enforce automated IAM policy checks to ensure adherence to security policies and best practices.

Security Automation and Orchestration:

• Lead efforts to automate cloud security tasks, including vulnerability scans, configuration reviews, incident responses, and compliance checks.
• Implement security-as-code by integrating AWS services with DevOps workflows and CI/CD pipelines for continuous security testing and validation.
• Use AWS Lambda, CloudFormation, and other AWS services to automate security controls, threat intelligence integration, and remediation actions.

Cloud Security Operations and Monitoring:

• Develop, implement, and maintain AWS-specific monitoring tools and solutions (e.g., CloudWatch, CloudTrail, GuardDuty) to detect and respond to security incidents in real time.
• Automate incident detection and response within AWS environments, leveraging security tools like AWS Security Hub, SIEM integration, and custom playbooks.
• Establish robust logging and monitoring mechanisms to ensure visibility into cloud infrastructure activity and reduce the time to detect threats.
• Maintain and improve AWS security posture using tools like AWS Config, AWS Audit Manager, and others to ensure continuous compliance with security frameworks.

Threat Modeling and Risk Assessment:

• Conduct threat modeling exercises to identify potential security risks within new and existing applications.
• Perform detailed risk assessments for applications and services, including penetration testing and vulnerability assessments.
• Work with product and engineering teams to assess security risks and define mitigation strategies for identified vulnerabilities.

Security Architecture and Engineering:

• Design, implement, and manage advanced security architectures for cloud and on-premises environments.
• Develop security controls and standards to safeguard enterprise systems, networks, and data.
• Implement security measures to protect against a wide variety of cyber threats (e.g., malware, phishing, DDoS attacks, etc.).
• Conduct security reviews of architecture and design specifications for new systems or applications.

Risk Management and Vulnerability Assessment:

• Conduct risk assessments and security audits to identify vulnerabilities in applications, systems, and networks.
• Lead vulnerability management processes, including scanning, assessment, prioritization, and remediation.
• Collaborate with stakeholders to prioritize and mitigate identified risks to meet the company’s risk tolerance.
• Perform penetration testing and red team exercises to assess system vulnerabilities and security posture.

Incident Response and Threat Intelligence:

• Lead and support incident response efforts for security events, including investigation, mitigation, and post-mortem analysis.
• Develop and refine incident response procedures to ensure rapid detection and effective containment of security incidents.
• Analyze and interpret threat intelligence to stay ahead of emerging threats and provide proactive mitigation strategies.

Security Monitoring and Logging:

• Oversee the deployment and optimization of security monitoring tools (SIEM, IDS/IPS, endpoint protection, etc.).
• Continuously monitor security logs and alerts to detect suspicious activities and potential threats.
• Work with other teams to implement a robust logging and monitoring strategy across the enterprise.

Security Awareness and Best Practices:

• Mentor and train junior security engineers and other team members in security best practices, threat mitigation, and incident handling.
• Collaborate with development teams to implement secure coding practices and conduct regular code reviews from a security perspective.
• Stay up-to-date with the latest security trends, vulnerabilities, tools, and technologies, ensuring that security initiatives are aligned with industry standards.

Compliance and Governance:

• Ensure that security policies, standards, and procedures comply with relevant regulations and industry frameworks (e.g., GDPR, HIPAA, NIST, SOC 2, PCI-DSS).
• Assist with audit processes and manage internal and external assessments of the organization’s security posture.

Cross-Department Collaboration:

• Work closely with IT, DevOps, and development teams to integrate security controls into the software development lifecycle (SDLC).
• Collaborate with business units to understand security needs and ensure alignment between security initiatives and business objectives.

Qualifications:

Required Skills:

• Mentor and train junior security engineers and other team members in security best practices, threat mitigation, and incident handling.
• Stay up-to-date with the latest security trends, vulnerabilities, tools, and technologies, ensuring that security initiatives are aligned with industry standards.
• Cloud Security Expertise: Deep understanding of AWS services, security best practices, and AWS Well-Architected Framework, particularly in security.
• IAM and Access Controls: Expertise in designing and managing IAM policies, roles, and permissions within AWS environments.
• AWS Security Tools: Hands-on experience with AWS native security services such as GuardDuty, Shield, Macie, Inspector, and CloudTrail.
• Infrastructure as Code (IaC): Experience with AWS CloudFormation, Terraform, or similar tools to manage cloud resources securely.
• Security Automation: Ability to automate security tasks using AWS Lambda, CloudWatch, and other AWS tools.
• Programming Knowledge: Proficiency in one or more programming languages such as Java, C/C++, Python, Ruby, or JavaScript, with an emphasis on secure coding.
• Application Security Tools: Extensive experience with SAST, DAST, Software Composition Analysis (SCA) tools, and security testing frameworks.
• Security Frameworks and Standards: In-depth knowledge of application security frameworks and standards, including OWASP Top 10, secure software development lifecycle (SDLC), and best practices.
• Threat Modeling: Hands-on experience with threat modeling techniques and tools to identify and mitigate application security risks.
• Vulnerability Management: Expertise in vulnerability management and remediation strategies, including code reviews, penetration testing, and vulnerability scanning.
• Cloud Security: Understanding of cloud security principles and securing cloud-native applications, APIs, and microservices (AWS, Azure, GCP).
• CI/CD Integration: Experience with integrating security into CI/CD pipelines using tools such as Jenkins, GitLab CI, or CircleCI.
• In-depth knowledge of security frameworks and industry standards (e.g., NIST, ISO 27001, CIS, SOC 2, PCI).
• Hands-on experience with security tools such as firewalls, SIEM, IDS/IPS, DLP, endpoint protection, and vulnerability management systems.
• Strong proficiency with cloud security (AWS, Azure, GCP), network security, and identity & access management (IAM).
• Proficient in scripting and automation using languages like Python, PowerShell, or Bash.
• Strong understanding of encryption technologies, PKI, VPNs, and secure communication protocols.
• Experience with incident response, forensic investigations, and root cause analysis.
• Familiarity with container security, microservices, and DevSecOps practices.
• Ability to assess and mitigate risks across different systems and technologies, including legacy and modern environments.

Soft Skills:

• Strong analytical and problem-solving skills, with the ability to identify root causes and develop effective solutions.
• Excellent communication and collaboration skills, able to work effectively with cross-functional teams.
• Strong leadership skills with the ability to mentor junior engineers and guide the application security program.
• Ability to explain complex security concepts to non-technical stakeholders.
• Ability to prioritize tasks, manage time effectively, and handle multiple projects simultaneously.

• Experience: 7+ years of experience in information security, with a focus on security engineering, risk management, and incident response.
• Education: Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
• Certifications:
• CISSP (Certified Information Systems Security Professional) or equivalent.
• CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor) preferred.
• Additional security certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), or similar are a plus.
• 10+ years of experience in security governance, risk and compliance, information security and information technology
• 10+ years of experience managing complex security architecture in AWS, Azure Cloud
• 10+ years of experience threat modelling, application security, infrastructure security

Benefits:

Blackhawk Network offers benefits including 401k with employer match, medical, dental, vision, 12 paid holidays throughout the year, 1 hour of sick pay accrual for every 30 hours worked, parental leave, life insurance, disability insurance, accident and illness insurance, health and dependent care flexible spending accounts, wellness benefits, and flexible time off for all full-time employees.

EEO Statement:

Blackhawk Network believes that diversity leads to strength. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

For Philadelphia applicants or jobs, please see a copy of Philadelphia’s ordinance on this topic by clicking this link: [...].