Senior Systems Engineer - Threat and Vulnerability Management (Remote)

Overview

This position is responsible for the continuous operation of the Global Information Security Operations Center and Threat and Vulnerability Management group.  This individual and staff are responsible for providing continuous monitoring of Office Depot’s global computing environment, ensuring the integrity of the environment.  They are responsible for securing our environment and monitoring our environment for attempts to breach its security. The work of this group includes managing the various scanning tools, assessing and analyzing the data collected from those tools, as well as tracking and reporting on suspicious activity. Additionally, they are responsible for leading penetration tests, ethical hacking, and red team exercises. This position is responsible for detecting intrusions and leading our response to any intrusion.

Primary Responsibilities:

• Manage, implement and monitor a strategic, comprehensive enterprise-wide information security monitoring and operation program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
• Design, develop and recommend security standards and implement them.
• Manage information security activities related to the protection of PCI and PII information.  Ensure that Office Depot follows all applicable regulatory and compliance directives and policies regarding securing and monitoring of PCI and other sensitive information.
• Provide expertise to executive management on a broad range of information, security standards and best practices.
• Provide strategic and tactical security guidance for key IT projects, including the evaluation and recommendation of technical controls.
• Liaise with the Information Security Architecture & Engineering team and the Information Security Information Assurance team.
• Liaise between the information security team and corporate compliance, audit, legal, Security/Safety and HR management teams as required.
• Create and facilitate the information security risk assessment process, including reporting and oversight of remediation efforts to address negative findings and management of outside assessors.
• Manage security incidents and events to protect corporate IT assets, including intellectual property, fixed assets, and the company's reputation.
• Coordinate the use of external resources involved in the information security program, including managing external resources.
• Develop business-relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security program.
• Direct the implementation of security technologies including (a) evaluating security products; (b) installing security products and making necessary system changes; (c) developing rollout plans and communications to Office Depot’s staff; and (d) training and coordinating with other IT departments.        

Education and Experience:

• Bachelor's degree or equivalent experience
• Area of Study: Preference for a degree in Computer Science, Electrical or Software Engineering, or similar technical field of study
• Minimum Years of Experience: 4
• Technical Competencies & Information Systems: Expertise in generic information security standards and experience in deploying some set of these standards like PCI, SOX, Sans and ISO 27001-27005.
• Vendor training and certifications (e.g., CISSP, CISM, CISA, CEH) are required.
• Skills & Abilities:
  • Thorough understanding of following technologies/systems: Networking; Firewall (Checkpoint); NIPS, network monitoring (Checkpoint, AirDefense, SNORT); HIDS (Tripwire); VPN (Cisco); Proxy (Bluecoat); Spam appliance (Postini); Server architectures including hardening frameworks; Endpoint firewall, antivirus, patching, and client hardening frameworks;  End user authentication (Microsoft Azure), PKI (CAC, Microsoft), Enterprise tools, event management (Qualys, Splunk Enterprise, Microsoft Defender); Application related – SQL injection, cross site, mobile, database, scripting languages, Web (Apache, IIS, Tomcat, WebSphere). Bugcrowd. Email anti-phishing (Proofpoint).
  • Excellent written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and auditors, assessors, and inspectors.
  • Critical thinkers with strong problem-solving skills.  Thorough project management skills.
  • Ability to lead and motivate cross-functional, interdisciplinary response teams.
  • High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
  • High degree of initiative, dependability, and ability to work with little supervision.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

About The ODP Corporation
The ODP Corporation is a leading provider of products and services through an integrated business-to-business (B2B) distribution platform and omnichannel presence, which includes world-class supply chain and distribution operations, dedicated sales professionals, online presence, and a network of Office Depot and OfficeMax retail stores. Through its operating companies Office Depot, LLC and ODP Business Solutions, LLC, The ODP Corporation empowers every business, professional, and consumer to achieve more every day.

Disclaimer

The above statements are intended to describe the general nature and level of work being performed by associates assigned to this classification and are not intended to be a complete list of all responsibilities, duties and skills required of associates so classified. Other duties may be assigned. 

Pay, Benefits & Work Schedule: The salary range for this role is $94,800/year to $110,000/year, however all state and local minimum wages will be complied with, resulting in a possible adjustment to the salary range displayed.

The company offers competitive salaries, a benefits package, which includes a 401(k) and more, along with plenty of opportunity to move and grow within our organization! For immediate consideration for this exciting position, please click the Apply Now button.

How to Apply

Click the Apply Now button and follow the instructions on each page. When you have completed the application, click the submit button.

Application Deadline

The job posting will remain open for a minimum of 3 days and will expire once the position has been filled.

Equal Employment Opportunity

The company is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law.

We will consider for employment qualified applicants with arrest and conviction records City & County of San Francisco Fair Chance Ordinance.