Information Security Analyst #2869~

Costco Wholesale Corporation Issaquah , WA 98029

Posted 2 months ago

Position Summary

The role of every Information Security team member is to support the overarching values and business goals of Costco Wholesale as they relate to meeting legal and regulatory obligations; protecting member, employee and vendor privacy; and ensuring a technologically secure operating environment.

Our Information Security Solutions Analysts provide consulting services to internal project teams, work with vendors to review solutions under consideration for use in the domain, and mentor others with lesser subject matter expertise.

Job Duties/Essential Functions

  • Performs project and vendor security assessments.

  • Assesses centralized user and configuration management systems.

  • Performs and/or coordinates regular security assessments of existing or new infrastructure.

  • Performs duties necessary to assist in establishing practices and system configurations to ensure the safety of information systems assets and to protect information systems from intentional or inadvertent access or destruction.

  • Works with information systems custodians (i.e., department managers, user community and systems administrators) at different levels in the organization to understand their respective security needs and assist with implementing practices and procedures consistent with Costco's Information Security Policy.

  • Assists with auditing of information systems activities and systems to confirm information security policy compliance and provide management with security policy compliance assessments.

  • Works with stakeholders to identify security solutions that support their business requirements.

  • Partners with other Information Security groups to conduct security risk assessments on new solutions and systems, periodic security risk assessments on existing systems and identify and/or recommend appropriate security countermeasures and best practices.

Non-Essential Functions

  • Assists in other areas of the department as necessary.

  • Assists in other departments of the company as necessary.

Ability to operate vehicles, equipment or machinery

Computer, phone, printer, copier, fax

Experience, skills, education & licenses/certifications

Required:

  • Experience with networking technologies, such as firewalls, routers, load balancers, and proxies.

  • Willing to share knowledge and assist others in understanding technical and business topics.

  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).

  • Demonstrated experience of "hands on" security knowledge of one or more of the following platforms: Windows, Linux, UNIX, AIX, 4690, or iSeries.

  • Experience with Threat Modeling, security assessments, and evaluating mitigating controls.

  • Experience with network-based detective controls like IDS, IPS and various SIEMS.

  • Working knowledge of networking protocols.

  • Working knowledge of web technologies.

  • Ability to interpret information security data and processes to identify potential compliance issues.

  • Ability to quickly understand complicated data flows in order to identify and validate security requirements.

  • Must be a team player and willing to establish a strong positive working relationship with all areas of the business.

  • Ability to work effectively, independent of assistance or supervision.

  • Innovative, creative, and extremely responsive with a strong sense of urgency.

  • Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers using appropriate language, examples, and tone.

Recommended:

  • A Bachelor's degree in Computer Science or a minimum of 3 to 5 years of information systems security or related data processing auditing experience.

  • One or more professional audit or security certifications such as CISA or CISSP (or equivalent work experience).

  • Experience with performing vulnerability scans and assessments.

  • Experience performing computer forensics.

  • Familiarity with SOA governance and policy management best practices.

  • Familiarity of SDM, SDLC, and project management processes.

  • Familiarity with Regulatory Compliance and industry standards, such as HIPAA, SOX, and PCI.

  • Familiarity in a DevOps or DevSecOps environment.

  • Successful internal candidates will have spent one year or more on their current team.

Other Conditions

  • Management will review the Job Analysis for this position prior to a job offer.

To Apply: Use the link below to upload all required documents to

https://chm.tbe.taleo.net/chm02/ats/careers/requisition.jsp?org=COSTCO&cws=1&rid=2869

Apart from any religious or disability considerations, open availability is needed to meet the needs of the business. If hired, you will be required to provide proof of authorization to work in the United States. Applicants and employees for this position will not be sponsored for work authorization, including, but not limited to H1-B visas.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Analyst 2892

Costco Wholesale Corporation

Posted 3 weeks ago

VIEW JOBS 3/26/2019 12:00:00 AM 2019-06-24T00:00 Position Summary The role of every Information Security team member is to support the overarching values and business goals of Costco Wholesale as they relate to meeting legal and regulatory obligations; protecting member, employee and vendor privacy; and ensuring a technologically secure operating environment. Our Information Security Solutions Analysts provide consulting services to internal project teams, work with vendors to review solutions under consideration for use in the domain and mentor others with lesser subject matter expertise. Job Duties/Essential Functions * Performs project and vendor security assessments. * Assesses centralized user and configuration management systems. * Performs and/or coordinates regular security assessments of existing or new infrastructure. * Performs duties necessary to assist in establishing practices and system configurations to ensure the safety of information systems assets and to protect information systems from intentional or inadvertent access or destruction. * Works with information systems custodians (i.e., department managers, user community and systems administrators) at different levels in the organization to understand their respective security needs and assist with implementing practices and procedures consistent with Costco's Information Security Policy. * Assists with auditing of information systems activities and systems to confirm information security policy compliance and provide management with security policy compliance assessments. * Works with stakeholders to identify security solutions that support their business requirements. * Partners with other Information Security groups to conduct security risk assessments on new solutions and systems, periodic security risk assessments on existing systems and identify and/or recommend appropriate security countermeasures and best practices. Non-Essential Functions * Assists in other areas of the department as necessary. * Assists in other departments of the company as necessary. Ability to operate vehicles, equipment or machinery Computer, phone, printer, copier, fax Experience, skills, education & licenses/certifications Required: * Experience with networking technologies, such as firewalls, routers, load balancers, and proxies. * Willing to share knowledge and assist others in understanding technical and business topics. * Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling). * Demonstrated experience of "hands-on" security knowledge of one or more of the following platforms: Windows, Linux, UNIX, AIX, 4690, or iSeries. * Experience with Threat Modeling, security assessments, and evaluating mitigating controls. * Experience with network-based detective controls like IDS, IPS and various SIEMS. * Working knowledge of networking protocols. * Working knowledge of web technologies. * Ability to interpret information security data and processes to identify potential compliance issues. * Ability to quickly understand complicated data flows in order to identify and validate security requirements. * Must be a team player and willing to establish a strong positive working relationships with all areas of the business. * Ability to work effectively, independent of assistance or supervision. * Innovative, creative, and extremely responsive with a strong sense of urgency. * Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers using appropriate language, examples, and tone. Recommended: * A Bachelor's degree in Computer Science or a minimum of 3 to 5 years of information systems security or related data processing auditing experience. * One or more professional audit or security certifications such as CISA or CISSP (or equivalent work experience). * Experience with performing vulnerability scans and assessments. * Experience performing computer forensics. * A Familiarity with SOA governance and policy management best practices. * A familiarity of SDM, SDLC, and project management processes. * A Familiarity with Regulatory Compliance and industry standards, such as HIPAA, SOX, and PCI. * A Familiarity in a DevOps or DevSecOps environment. * Successful internal candidates will have spent one year or more on their current team. Other Conditions * Management will review the Job Analysis for this position prior to a job offer. To Apply: Use the link below to upload all required documents to https://chm.tbe.taleo.net/chm02/ats/careers/requisition.jsp?org=COSTCO&cws=1&rid=2892 Apart from any religious or disability considerations, open availability is needed to meet the needs of the business. If hired, you will be required to provide proof of authorization to work in the United States. Applicants and employees for this position will not be sponsored for work authorization, including, but not limited to H1-B visas. Costco Wholesale Corporation Issaquah WA

Information Security Analyst #2869~

Costco Wholesale Corporation