Sr. Security Engineer

Security Engineers work with cross-functional teams to design, implement, and support solutions for Domino's Domestic and International business units, partners and customers. In addition, Security Engineers perform proof-of-concept tests, technical requirements gathering, documentation, diagrams, implementation activities, and maintenance of the Dominos ecosystem.

The role of the security engineer demands business insight; technical acuity; and the ability to think, communicate and write at various levels of abstraction.

Responsibilities

• Responsible for setting up and maintaining a system or specific components of a system (installation, configuration, and updating hardware and software).
• Develop and document models, plans, diagrams, illustrations, and procedures in support of engineering activities and security related business initiatives.
• Advises business managers and customers of security requirements, configurations, and limitations.
• Assist with ongoing projects related to Information Security initiatives.
• Work with Information Security leadership, other Domino's Technology teams and/or other business units to design, engineer, recommend, plan and execute technical projects to meet the needs of the business.
• Ensure that new technologies are reviewed and implemented, standards and security requirements are met, and interoperability needs are addressed.
• Assist business and support functions in evaluating tools and technology that support the enterprise's risk management approach.
• Develop, update, and/or maintain system documentation relative to best practices and/or standard operating procedures (SOPs).
• Integrate new systems into existing network architecture.

Required Skills

• Ability to design capabilities to find solutions to less common and more complex system problems.
• Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection/prevention, web server security, SAML/SSO platforms, PAM and MFA solutions.
• Deep knowledge of TCP/IP and related data network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, HTTP, SNMP etc., and advanced features like IPSEC and IPv6 related protocols and accompanying protocol analysis tools (Wireshark, TCPDump, etc)
• Knowledge of controls related to the use, processing, storage, and transmission of data.
• Practical understanding with web application firewalls, network access control, database security, content filtering, and vulnerability management
• An understanding of DDoS Mitigation strategies, Data Loss Prevention and SIEM (Security Information Event Management) solutions
• Strong knowledge of common vulnerabilities and exploitation techniques
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and recommend the most appropriate path forward
• Develop and enhance Continuous Integration/Continuous Delivery/Deployment and automated infrastructure provisioning DevOps fixtures including build processes
• Familiarity with Unix/Linux and container platforms (Docker, PKS, etc.)
• Advanced use of python, ruby, bash scripting in a DevOps setting
• Working knowledge of layered security architectures and designs

Qualifications

• A bachelor's or master's degree in computer science, information systems or other related field; or equivalent work experience.
• 5 -8 years of combined IT and security work experience, with 5+ years of experience in information security, particularly in an engineering role.
• Certified Information Systems Security Professional (CISSP) or Cisco Certified Internetwork Expert (CCIE Security) desired.