Cyber Security Engineer
Found in: Talent US C2 - 2 weeks ago
Eligible for a hybrid work schedule split between home & office.
You may know us for our huge menu of delicious food…and for being recognized by Fortune Magazine as one of the “100 Best Companies to Work For®” ten years in a row What you may not know is we are a company driven by industry leading technology.
As a Network Security Engineer at The Cheesecake Factory, you'll play a pivotal role in implementing, supporting, and enhancing security services across our organization. You'll partner with our Security Manager, leading security engineering tasks, projects, and incidents while collaborating seamlessly with our talented team of Network and Systems Engineers. Your effectiveness will extend beyond our internal teams as you work closely with peer groups, including the head of the Security console and managed security services providers, to align and drive a cohesive security operations and strategy.
You’ll thrive in this position if you are:
A Technical Authority: You're a subject matter expert in your field, continually expanding your knowledge of evolving technologies, emerging trends, and cutting-edge advancements. A Strategic Innovator: Your knack for formulating technical strategies and conceptualizing innovative solutions is unmatched. You have a vision for optimizing our organization's technical potential. A Collaboration Catalyst: Building strong, technical relationships with colleagues at all levels, both within and outside the organization, is second nature to you. Your network is an asset in the ever-evolving tech landscape. Precision-Oriented: You possess an unwavering commitment to detail, ensuring that every technical facet is thoroughly scrutinized and managed, leaving no room for error.Here’s more of what you’ll get to do:
Execute security hardening efforts aligned with the strategy set by the Manager and VP of Security. This includes conducting regular security audits, assessments, reviews, and remediation procedures on annual, quarterly, and daily bases. Drive the implementation of security infrastructure enhancements, from design to steady-state support, ensuring the robustness of our defenses. Conduct infrastructure and network security assessments and penetration tests as needed, taking the lead in both on-site and off-site annual security assessment exercises. You'll provide critical security reports, encompassing audits, scans, and more. Collaborate with the Security Manager to proactively research and communicate emerging security threats. Your role includes proposing recommendations for both short-term and long-term solutions, enhancing our overall security posture by reducing threat vectors. Work closely with our Infrastructure, Monitoring & Incident Response teams, as well as our SOC (MSSP) vendors, to secure and monitor our corporate, restaurant, and cloud infrastructures. Oversee and actively participate in incident response activities as required, including security training and phishing exercises for all corporate and restaurant staff members. As the Network Security Engineer, you will be the go-to escalation point for all security incidents or escalations, ensuring a swift and effective response. Maintain comprehensive network and systems documentation, including administration guides, network and security diagrams, and asset management records. Be available on-call as required, promptly troubleshooting any issues arising from changes, unexpected outages, or security incidents, ensuring the integrity of our digital operations.
What we require:
5+ years of experience in Information Security with a background in Network or Systems Infrastructure. Strong understanding of security topics, including access control, network and systems hardening, threat modeling, encryption, vulnerability management, digital forensics, and incident response. Experience with tools/technologies such as 802.1x, Cisco ISE, RSA, MAB, PKI authentication, Sourcefire, zone-based firewalls, IDS/IPS, MDM, SSO and access control management solutions. In depth knowledge managing SIEM, event correlation tools and security endpoint solutions. Experience using multiple security pen testing / scanning tools to include Qualys, Nessus, Snort etc. Experience with compliance and risk management frameworks, such as PCI, SOX, ISO27001 Experience working with third party SOC/MDR/MSS Service providers highly desired. Excellent communication skills required, with prior experiencing acting as a liaison between other departments, employees, management, and vendors.
What we prefer:
Bachelor’s degree in engineering, Computer Science or related field OR equivalent work experience Microsoft Certifications (MCSA, MCSD, MCSE) Certifications in one or more of the following - CISSP, CISM, CISA, CPP, CRISC, CEH, CCNP, ITIL