Principal Information Security Engineer

Aaron's, Inc Kennesaw , GA 30152

Posted 2 weeks ago

Principal Information Security Engineer

Apply Now Save Job View Saved Jobs

Job ID 8782 Date posted 01/06/2021 Location: Kennesaw, Georgia

About Aaron's:

We are Aaron's - an industry leader in the sales and lease-to-own retail industry known for quality brand names and superior customer service. We provide our team members the opportunity to reach their full potential in a team-oriented, high-energy, recognition-based environment with competitive pay and benefits. This is much more than a job - it is a career with purpose.

About Aaron's Tech:

In recent years, we've been on a journey to transform our business model with technology. We're not the slow, old-fashioned retailer you think we are. We used to be, but those days are long gone. In fact, we don't even think of Aaron's as a retail company. Instead, we think of Aaron's as a technology company that happens to sell and lease furniture, electronics and appliances. This way of thinking has demanded a massive shift in who we hire, how we organize and lead our teams, and how we deliver our technology and services. It's simple: we hire smart people who are motivated by delivering big, impactful results, we point them at big problems to solve, and we get out of their way. We believe our technology team is unique and special, and after learning about us, we believe you will think so too. Find out more at http://tech.aarons.com/.

The Principal Information Security Engineer - Cyber Incident Response Team (CIRT) is responsible for the planning, designing, implementing, and validating innovative security solutions that will continually mature Aaron's CIRT security detect and respond capabilities. The engineer will lead the generation and deployment of automated detection and response processes including the MITRE ATT&CK driving detection techniques while helping to support and enhance the daily operations of the CIRT team. The engineer will also contribute to the strategy, process, and technology improvements and excellence in the CIRT function.

Duties and Responsibilities:

  • Accountable for the planning, designing, implementing, and deploying automated solutions that smartly detect and respond to advanced threats, either through custom-built solutions or through third-party tool integration or both.

  • Drive the integration of threat intelligence data sources to enrich CIRT functions across Aaron's enterprise network.

  • Ensure that automatic attack processes are generating accurate and valuable alerts in Aaron's SIEM.

  • Provide technical guidance and support to other CIRT engineers on advanced SIEM rule writing alerting.

  • Assist CIRT operations engineers in advance threat analysis and investigations if necessary in the event of a security event.

  • Continually monitor the security industry for attack trends and ensure those trends are handled in our automated testing solutions.

  • Automating processes for remediating and maintaining security controls.

  • Work closely with the CIRT lead to learn and implement creative solutions that increase the CIRT team's productivity and capability maturity.

  • Recognizes and identifies potential areas where existing data security policies and procedures require change, or where new ones need to be developed

  • Serve as a technical mentor and subject matter expert for the Information Security.

Education and Experience:

  • Ten (10) or more years' experience in an Information Technology related role.

  • Five (5) or more years' experience in an Information Security role or related.

  • Bachelor's or Master's Degree in a relevant field highly preferred.

  • OSCP, CISM, CISSP, PCIP, ISA, GWAPt, GPEN or equivalent certifications preferred.

Required Skills and Competencies:

  • Proven experience with automated attack testing solutions and technologies (i.e., Atomic Red Team).

  • Proven experience with attack and penetration (A&P) techniques and tools.

  • Working knowledge of alerting and reporting systems including SIEM technologies.

  • Proficiency with syslog reporting, parsing, and forwarding technologies.

  • Proven experience with configuring and operating Microsoft and Linux operating systems for both desktop and server systems.

  • Strong knowledge of cloud-based technologies including Azure, Office 365, etc.

  • Practical experience with programming languages (C#, Python, PowerShell, Bash, SQL, etc.)

  • Strong working knowledge of DNS, DHCP, and network security protocols.

  • Strong working knowledge of IPS / IDS / Next-Generation Firewalls.

  • Ability to efficiently troubleshoot and resolve technical issues.

  • Ability to communicate and collaborate effectively across teams inside and outside of the Information Security group.

  • Demonstrate a strong sense of ownership and ability to drive the solution of a problem from end to end.

  • Apply creative, enthusiastic, and "out-of-box" approaches to solving information security problems while balancing the business's needs.

  • Exhibit excellent verbal and written communication skills, including describing or explaining complex processes and issues in a concise manner.

Rewards

Team members enjoy access to career training and advancement opportunities, and are rewarded with competitive compensation and a comprehensive benefits package, which includes:

  • Paid time off including vacation days, sick days and holidays

  • Medical, dental & vision insurance

  • Maternity and Paternity Leave

  • 401(k) plan with company match

  • Flexible spending accounts

  • Life insurance

  • Disability benefits

  • Stock Purchase Plan

  • Team Member purchase discounts

About Aaron's

At Aaron's we offer sales and lease-to-ownership of specialty items including furniture, consumer electronics, home appliances, and accessories throughout the United States and Canada. Our customers shop at Aaron's for the same reason you should choose us for the next step in your career - our ability to positively influence people's lives. If you are looking for a company with the passion and dedication to make a difference in the lives of customers and team members alike, join us today.

Aaron's is committed to creating a diverse and inclusive work environment, celebrates our team members' differences, and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, pregnancy, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, military duty, gender expression, genetic information, or any other protected class. Candidates who require accommodation during the recruitment process should contact hrsupport@aarons.com.

Aaron's is an Equal Opportunity Employer

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Principal Information Security Engineer

Aaron's

Posted 2 months ago

VIEW JOBS 12/11/2020 12:00:00 AM 2021-03-11T00:00 About Aaron's: We are Aaron's - an industry leader in the sales and lease-to-own retail industry known for quality brand names and superior customer service. We provide our team members the opportunity to reach their full potential in a team-oriented, high-energy, recognition-based environment with competitive pay and benefits. This is much more than a job - it is a career with purpose. About Aaron's Tech: In recent years, we've been on a journey to transform our business model with technology. We're not the slow, old-fashioned retailer you think we are. We used to be, but those days are long gone. In fact, we don't even think of Aaron's as a retail company. Instead, we think of Aaron's as a technology company that happens to sell and lease furniture, electronics and appliances. This way of thinking has demanded a massive shift in who we hire, how we organize and lead our teams, and how we deliver our technology and services. It's simple: we hire smart people who are motivated by delivering big, impactful results, we point them at big problems to solve, and we get out of their way. We believe our technology team is unique and special, and after learning about us, we believe you will think so too. Find out more at http://tech.aarons.com/. The Principal Information Security Engineer - Cyber Incident Response Team (CIRT) is responsible for the planning, designing, implementing, and validating innovative security solutions that will continually mature Aaron's CIRT security detect and respond capabilities. The engineer will lead the generation and deployment of automated detection and response processes including the MITRE ATT&CK driving detection techniques while helping to support and enhance the daily operations of the CIRT team. The engineer will also contribute to the strategy, process, and technology improvements and excellence in the CIRT function. Duties and Responsibilities: * Accountable for the planning, designing, implementing, and deploying automated solutions that smartly detect and respond to advanced threats, either through custom-built solutions or through third-party tool integration or both. * Drive the integration of threat intelligence data sources to enrich CIRT functions across Aaron's enterprise network. * Ensure that automatic attack processes are generating accurate and valuable alerts in Aaron's SIEM. * Provide technical guidance and support to other CIRT engineers on advanced SIEM rule writing alerting. * Assist CIRT operations engineers in advance threat analysis and investigations if necessary in the event of a security event. * Continually monitor the security industry for attack trends and ensure those trends are handled in our automated testing solutions. * Automating processes for remediating and maintaining security controls. * Work closely with the CIRT lead to learn and implement creative solutions that increase the CIRT team's productivity and capability maturity. * Recognizes and identifies potential areas where existing data security policies and procedures require change, or where new ones need to be developed * Serve as a technical mentor and subject matter expert for the Information Security. Education and Experience: * Ten (10) or more years' experience in an Information Technology related role. * Five (5) or more years' experience in an Information Security role or related. * Bachelor's or Master's Degree in a relevant field highly preferred. * OSCP, CISM, CISSP, PCIP, ISA, GWAPt, GPEN or equivalent certifications preferred. Required Skills and Competencies: * Proven experience with automated attack testing solutions and technologies (i.e., Atomic Red Team). * Proven experience with attack and penetration (A&P) techniques and tools. * Working knowledge of alerting and reporting systems including SIEM technologies. * Proficiency with syslog reporting, parsing, and forwarding technologies. * Proven experience with configuring and operating Microsoft and Linux operating systems for both desktop and server systems. * Strong knowledge of cloud-based technologies including Azure, Office 365, etc. * Practical experience with programming languages (C#, Python, PowerShell, Bash, SQL, etc.) * Strong working knowledge of DNS, DHCP, and network security protocols. * Strong working knowledge of IPS / IDS / Next-Generation Firewalls. * Ability to efficiently troubleshoot and resolve technical issues. * Ability to communicate and collaborate effectively across teams inside and outside of the Information Security group. * Demonstrate a strong sense of ownership and ability to drive the solution of a problem from end to end. * Apply creative, enthusiastic, and "out-of-box" approaches to solving information security problems while balancing the business's needs. * Exhibit excellent verbal and written communication skills, including describing or explaining complex processes and issues in a concise manner. Rewards Team members enjoy access to career training and advancement opportunities, and are rewarded with competitive compensation and a comprehensive benefits package, which includes: * Paid time off including vacation days, sick days and holidays * Medical, dental & vision insurance * Maternity and Paternity Leave * 401(k) plan with company match * Flexible spending accounts * Life insurance * Disability benefits * Stock Purchase Plan * Team Member purchase discounts About Aaron's At Aaron's we offer sales and lease-to-ownership of specialty items including furniture, consumer electronics, home appliances, and accessories throughout the United States and Canada. Our customers shop at Aaron's for the same reason you should choose us for the next step in your career - our ability to positively influence people's lives. If you are looking for a company with the passion and dedication to make a difference in the lives of customers and team members alike, join us today. Aaron's is committed to creating a diverse and inclusive work environment, celebrates our team members' differences, and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, pregnancy, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, military duty, gender expression, genetic information, or any other protected class. Candidates who require accommodation during the recruitment process should contact hrsupport@aarons.com. Aaron's is an Equal Opportunity Employer Other details * Job Family Store Support Center * Job Function Information Technology Apply Now * 500 Chastain Center Blvd, Kennesaw, GA 30144, USA Aaron's Kennesaw GA

Principal Information Security Engineer

Aaron's, Inc