It Security Engineer (Remote)

At US Foods®, innovation and technology is our superpower. By expanding our digital ecosystem and leading with a customer-first mindset, we’re delivering technology that empowers our customers and simplifies business. As we transform the digital landscape of the foodservice industry, we’re outpacing our competitors faster than ever before.
We believe diversity is the cornerstone of creativity and innovation—and we foster an open, inclusive, flexible work environment that supports our transformation.
The IT Security Engineer is responsible for implementing, maintaining, monitoring, and managing secure solutions. The engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the Security Engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.
The Security Engineer is expected to contribute to the development and implementation of strategies to protect computer systems, networks, and other digital assets contributing to the corporate security strategy with security leadership and other senior security staffers and technologists. In this position, you will work collaboratively with peers and stakeholders across the enterprise on implementations and management including IT infrastructure, application development, security operations, security audit and end users. With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, business-to-business initiatives, third-party relationships, outsourced solutions, and vendors tasked with analyzing current security protocols to identify weaknesses or vulnerabilities that could be exploited by hackers. Considered a knowledgeable individual, the Security Engineer is expected to implement, monitor, and manage secure solutions that address modern day issues.

• Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted
• Engage in information security projects assisting in the delivery and support
• Implement solutions observing compliance – Health Information Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), etc. – and privacy laws
• Partner with the business to ensure business needs are met while ensuring smooth rollout and implementation of security tools
• Work in tandem with senior engineers, architects, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members
• Respond to and handle service and escalation tickets within SLA expectations
• Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected
• Respond to and handle service and escalation tickets within SLA expectations
• Participate regularly in project and change management meetings
• Handle day-to-day security implementations, monitoring, operational support of hardware and software, applications, managed solutions, and service provider relationships
• Perform other duties as assigned by manager
• Deliver projects on time, within budget and in accordance with service level agreements (SLAs)
• Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted

• 5+ years’ experience in cybersecurity, including compliance and risk management with a system and network security engineering background required.
• Experience managing SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools, and endpoint detection and response (EDR)
• Highly technical and analytical expertise, with a proven background (5+ years’ IT experience in addition to cybersecurity) in technology design, implementation, and delivery required.
• Skilled in meeting vulnerability and penetration testing requirements
• Record of accomplishment of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
• Excellence in communicating business risk from cybersecurity issues
• Highly trustworthy; leads by example
• Role is remote with approximately 5% travel required

• Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent work experience.

• CISSP, CISM and/or SANS, or Cisco-related certifications a plus

• Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) Act, SOX, Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2
• Scripting in Python, JavaScript, PowerShell, PHP, or Ruby
• Ability to work independently and tactically, with effective decision-making skills
• Working knowledge of Windows, Linux, Unix, and Cisco networking
• Demonstrated experience with relevant technical security products, such as ForgeRock, M365 E5 security suite, CyberArk for Privileged Access Management and Vault, SIEM (QRADAR or Sentinel), Fortinet, F5, DDoS and Cloud WAF, Zscaler, AWS Security Services, and Microsoft Defender EDR technologies
• DevOps background with experience in compliance obligations
• Experience in cloud computing technologies, including software, infrastructure, and platform-as-a-service, as well as public, private, and hybrid environments
• Experience with Amazon Web Services (AWS) or Microsoft Azure