Sr. Security Engineer
What Makes Pampered Chef Unique
We aren’t your typical company - we act like owners, seek out learning opportunities, and thrive in an environment of empowerment and accountability. We want the best people who are passionate about driving results and continuing to get better. Our team is guided by our core values and our purpose of enriching lives. We’ve set a clear strategy for growth; we’re focused on driving our reinvention and capitalizing on the numerous opportunities in a growing industry. Our open floor plan and flat organization ensure that you will collaborate across teams and work closely with our leaders. Additionally, we have a unique blend of being a long-term focused, small, agile company backed by the resources of Berkshire Hathaway.
Purpose of the Role
Sr Security Engineer plays a key role in completing our mission every day by ensuring that Pampered chef maintain and deploy new systems/services in a secure manner to reduce information security risks. Reporting directly to Director of Information Security, the Senior Engineer takes charge of the selection and deployment of world-class cyber security tools. The Senior Engineer also acts as the chief evangelist for cyber security throughout Information Technology, consulting with the application development and infrastructure team on secure systems and applications design.
- Consult and collaborate closely with colleagues throughout Information Technology - Ensure that new applications and infrastructure are secure from the project initiation phase.
- Vulnerability Management & Penetration Testing – Strong knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development. Configures, schedules, manages and reviews internal and external network and application vulnerability scans and penetration tests. Monitors and reviews industry related vulnerabilities reviewing findings with appropriate teams, creating remediation plans and tracks and reports on progress
- Secure Development – Build strong relationships and be deeply embedded within product management and software engineering team. The Senior Security Engineer will drive the design and adoption of secure software development lifecycle practices across the areas of secure architecture and design, secure coding, security testing, and secure software release management.
- Cloud Security: Build a secure cloud environment and help drive the adoption of secure coding and deployment practices in Amazong Web Services Cloud.
- Incident & Cyber Threat Management – Works with the appropriate teams to ensure all appropriate data is aggregated into the logging and monitoring tool and that the appropriate reports are produced and reviewed.
- Infrastructure Security - Works closely with the Infrastructure and Application Development teams to ensure proper configurations are implemented and tested on WAF, FW, IDS/IPS and platform
- Patch Management and End-Point Protection – Reviews all patches and updates released related to the operating systems used at The Pampered Chef. This includes but is not limited to standard operating systems, hardware bios and firmware, appliances and any other mission critical systems or services. Plan and coordinate routine and emergency outage windows through coordination with Information technology and business units and communications to co-workers and consultants.
- Procure and implement new cyber security technology - Ensuring that technologies are procured within budget and delivered to the company in a timely manner.
Competencies for Success
- 5 to 10 years of experience working in technology and development with a specialty in security in a complex environment, focusing on protection of intellectual property and sensitive data.
- Strong knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development
- Cloud Security experience (AWS, O365)
- Advanced experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Log Analysis, SIEM, Network Behavior and Packet Analyzers, Malware analysis and forensics tools
- Strong knowledge of vulnerability assessment, scanning (Rapid7, Qualys, Tenable)
- Experience with software application best practices (e.g. OWASP, CWE/SANS)
- Experience creating and maintaining security policies and standards
- Working knowledge of security best practices and standards such as ISO27001, ISO27002, PCI-DSS
- Experience in a 24/7 high availability production environment
- Ability to think logically and analyze security requirements and convert them to accurate security plans to mitigate risk
- Analyzes relevant cyber security event data for attack indicators and breaches that may yield detection/prevention content
- Ability to effectively manage multiple concurrent priorities and meet deadlines within a dynamic, fast paced and challenging environment
- Strong interpersonal and communication skills
- Demonstrate the ability to clearly articulate complex technical scenarios to a non-technical audience
Measures of Success
- Delivery on information security road-map and projects
Education and Experience
- Bachelor's in Computer Science or Information Security
More about Pampered Chef
We are a global brand delivering curated, high-quality kitchen solutions through a network of over 40,000 independent consultants and a rapidly growing online business. We began as a Chicago-based start-up in 1980 and today are part of the Berkshire Hathaway family of companies. Now we’re leveraging our company’s strong foundation to reinvent our company and our brand for future growth. We’re searching for top talent to help reshape our company to deliver on our purpose of enriching lives one meal and one memory at a time.