Specialist, Security Engineer
SPT - Grand Rapids Service Center, United States
SpartanNash
SpartanNash (Nasdaq: SPTN) is a food solutions company that delivers the ingredients for a better life through customer-focused innovation. We do this for our supply chain customers and U.S. military commissaries, retail store guests and, most importantly, our Associates. In fact, we see a day when each will say, “I can’t live without them.”
Our SpartanNash family of Associates is 20,000 strong, ranging from bakery managers to order selectors; from IT developers to vice presidents of finance; from HR Business Partners to export specialists. Each of them plays an integral role in SpartanNash’s People First culture, Operational Excellence and Insights that Drive Solutions. Ready to contribute to the success of our food solutions company? Apply now!
Location:
850 76th Street S.W. - Byron Center, Michigan 49315
Job Description:
Position Summary:
This role leads or participates in the development, design, implementation and maintenance of the Company's security technology, systems and information assets. It participates in the development of, and implements, security procedures and technologies to ensure system security and compliance. It also acts as a key point of contact and advises the team on complex technical issues and their resolution.
Here’s what you’ll do:
Lead or participate in the development, design, implementation and maintenance of the Company's security technology, systems and information assets to protect against unauthorized access, modification, or destruction of the Company assets; evaluate and oversee potential security risks and work with internal IT teams, external vendors and cross-functional business partners as necessary.
Develop, implement and/or maintain a centralized Threat Intelligence, Data Loss Prevention and Monitoring system, an Incident Response system and playbooks to include forensics to safeguard information and data, coordinate with various IT and business areas accordingly.
Oversee and/or perform vulnerability scanning assessments for devices to verify compliance requirements.
Research and provide technical direction to support security technologies including data/security hardware platforms and software systems, IPS/IDS, vulnerability management, security metrics and incident response performance.
Participate in the development of, and implement, security procedures and technologies (e.g., firewalls, proxies, web security, etc.) to enhance information security through system/network monitoring, access control and security evaluations and to ensure compliance with regulations such as HIPAA, PCI, SOX, etc.
Conduct comprehensive vulnerability systems assessments to meet compliance objectives. Develop custom software solutions for security system operation, monitoring and support as appropriate.
Develop and maintain documentation of information security procedures and configurations.
Assist in the specification of standards for new and existing security systems, software and hardware configuration and installation.
Develop and maintain security procedure documentation and troubleshooting documentation, user documentation for systems installed and/or created, and technical standards, procedures and techniques to ensure maximum system availability and performance levels, and/or specifications for security systems, software and hardware configuration and installation.
Assess the business impact of issues, act as a key point of contact, and advise the team on complex technical issues and their resolution.
Identify issues, determine the appropriate resolution working cross-functionally as necessary, and partner with other IT areas to ensure resolution of security issues in a timely manner.
Participate in PCI and SOX external audits and internal control testing and maintain department compliance documentation.
Work with internal and external auditors as required related to security compliance audits.
Plan and implement timely upgrades, maintenance fixes and vendor-supplied patches for assigned systems hardware or software.
Conduct research in support of procurement or development efforts as assigned.
Recommend and execute modifications to improve efficiency, reliability and performance of infrastructure systems.
Participate in Disaster Recovery planning and practices as required.
Prepare and conduct presentations to IT management and discuss IT technology issues and solutions in a non-technical manner while ensuring understanding by targeted audience.
Additional responsibilities may be assigned as needed.
Here’s what you’ll need:
Bachelor's Degree (Required) in Information Systems Security, Computer Science or related field, or equivalent combination of education and/or experience.
Seven years cyber security/Information Technology security experience.
Certified Information Systems Security Professional (CISSP) certification or Global Information Assurance Certification (GIAC) certification preferred.
Demonstrated knowledge of operating systems, communications protocols, and security concepts, best practices and procedures. In-depth knowledge of compliance regulations (i.e., SOX, PCI, and HIPAA) required.
Must have knowledge of data network concepts, protocols, practices, and procedures, and strong knowledge of network management and security.
Experience with security subsystems (e.g., firewalls, VPN servers, IDS/IPS, etc.).
Must have working knowledge of all IT security areas (e.g., servers, desktops, voice, Internet, and web technologies, etc.) and experience in administration and configuration of log management tools/SIEM.
Strong working knowledge of PC, server and network technologies.
Excellent written and verbal communications skills; ability to communicate IT related information in a non-technical manner.
Excellent analytical, problem solving, troubleshooting, decision-making and project management skills.
Excellent organization, prioritization and attention to detail skills.
Ability to lead projects and provide work direction to others.
Must be able to work independently and in team settings.
Must participate in an on-call rotation.
Physical Requirements:
The physical demands described here are representative of those that must be met by an associate to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
May be required to lift and/or move 20 pounds. The associate is frequently required to sit/stand/walk. While performing the duties of this position, the associate is subject to a typical office environment and is rarely exposed to outside weather conditions. Temperatures may vary for those subject to any of the following areas: computer/server room, print shop, production area. The noise level in the work environment is usually low to moderate but may be high in distribution settings. Travel requirements vary by assignment.
As part of our People First culture, SpartanNash is proud to offer a robust and competitive Total Rewards benefits package.
SpartanNash is an Equal Opportunity Employer that invests in Associate development, recognizes and celebrates success, fosters two-way communication, and promotes a sense of belonging. We are committed to providing equal employment opportunities to all individuals, including those with disabilities and Veterans.
We are not able to sponsor work visas for this position.