Senior Cybersecurity Engineer

Our mission is to connect people to their passions. Our four online stores—Backcountry, Competitive Cyclist, MotoSport and, SteepandCheap—aim to supply our customers with the gear, knowledge, and inspiration necessary to get out there and chase down life’s greatest moments. We do this by providing the biggest and best assortment of premium outdoor products, superior shopping experience, personalized Gearhead expertise, lightning-fast and accurate fulfillment, and inspirational, informative, and community-centered content.   As a Senior Cybersecurity Engineer, you will play a pivotal role in safeguarding our organization's information systems and networks from cyber threats. This position requires a seasoned professional with extensive experience in cybersecurity practices, risk management, and a deep understanding of the evolving cyber threat landscape. You will lead and contribute to the development, implementation, and maintenance of robust cybersecurity strategies and solutions. This role is challenging – above and beyond the day-to-day responsibilities, you’ll have a big role within a fast-paced team.  This position will report into the Director of Tech Ops

What you get to do every day:

• 
  
1.      Security Architecture:
• Design and implement a secure architecture for systems and applications.
• Evaluate and recommend security solutions to enhance the overall security posture.
2.      Security Infrastructure Management:
• Implement and manage security tools, such as firewalls, intrusion detection/prevention systems, and antivirus solutions.
• Maintain and update security policies, procedures, and documentation.
• Collaborate with IT teams to ensure security is integrated into system and network designs.
3.      Vulnerability Assessment and Penetration Testing:
• Conduct regular vulnerability assessments to identify and remediate potential security risks.
• Perform penetration testing to simulate cyber-attacks and identify vulnerabilities that could be exploited.
4.      Cloud Security:
• Ensure the security of cloud-based infrastructure and services.
• Implement and monitor security controls in cloud environments (e.g., AWS, Azure, Google Cloud).
5.      Security Automation:
• Develop and implement automation scripts and processes to streamline security tasks.
• Integrate security into the continuous integration/continuous deployment (CI/CD) pipeline.
6.      Research and Development:
• Stay current with industry trends, emerging technologies, and best practices in cybersecurity.
• Evaluate and recommend new security tools and technologies.
7.      Risk Management:
• Conduct risk assessments and implement risk mitigation strategies.
• Provide guidance on risk management to business units and project teams.
8.      Collaboration and Communication:
• Collaborate with cross-functional teams, including IT, development, and operations, to integrate security into all aspects of the organization.
• Communicate effectively with stakeholders to convey security risks and mitigation strategies.

What you bring to the role:

• Education: Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Certifications: 
• Relevant industry certifications (e.g., CISSP, CompTIA Security+, CEH) are preferred.
• GCP or AWS security certifications are a plus.
• Experience:
• Proven experience in managing website and web application security, including Web Application Firewalls (WAF), browser-based security (CSP, HSTS, XFO), OWASP Top 10, and related technologies.
• Proven experience in cybersecurity roles, including incident response, vulnerability management, and security infrastructure management.
• Knowledge: In-depth knowledge of networking protocols, security architectures, and common cyber threats.
• Preferred Experience: Experience working for e-commerce companies is desired. 
• Non-Technical Competencies:
• Evangelist for security best practices.
• Ability to translate technical issues into business language for end-users.
• Team Player with proven communication, organizational, and strong interpersonal skills.
• Self-motivated out-of-the-box problem solver with the ability to switch between team projects and self-directed work.
• Able to prioritize and drive to results.
 

What our interview process looks like:

• Depending on the position, our application and interview process may vary, but here are some of the ways we get to know you better:
• 📞 Step 1: Match most of the requirements and qualifications for the position? We want to chat. A recruiter will reach out to you via email to schedule some time to learn more about our company and get to know you better. Remember, you’re also interviewing us!
• 📝 Step 2: Our assessments (if applicable to the role) measure your analytical and business acumen. We use them to better understand your expertise. Each person interviewing for the same role receives the same assessment, which helps us evaluate candidates equally and consistently.
• 👩🏽‍💻Step 3: Virtual or in-person interviews depending on your location. Our hiring team will learn more about your prior experience and challenges you’ve faced. Be prepared with detailed examples. Concise and well-organized answers are ideal.
•  ✍🏽 Step 4: Offer! This is where things get really exciting. We gather all data from your interviews and conduct a final review. If qualified for the position, your recruiter will connect with you via phone to present a verbal offer we know you’ll be excited about.

CSC Generation family of brands provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, provincial, state or local laws.  CSC Generation family of brands is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or an accommodation due to a disability, please contact hrbenefits@cscshared.com.