Senior Security Engineer - Vulnerability Management

Bring Your Amazing Self to Work

At Macy's, Inc. we're on a mission to create a brighter future with bold representation for all. This is our Mission Every One. We know that each person here is unique. So we respect and invest in each individual to create growth, pride, and satisfaction. If we are able to bring our whole selves to work, it translates into a more abundant and wider array of ideas and energy for all to benefit from. Our success will be built on amazing colleagues, working together.

Job Overview

The Senior Vulnerability Engineer is a dedicated and detailed-oriented individual in Information Security Vulnerability Management. This hands-on role involves conducting vulnerability assessments on complex applications, operating systems, and wired and wireless networks. In response to an ever-changing threat landscape, they establish a proactive program to assess Macy’s resilience against real-world tactics, techniques, and procedures (TTPs).

What You Will Do

• Establish a risk-based approach for evaluating and prioritizing new and emerging threats.
• Stay current on emerging technology trends and the threat landscape, providing subject matter knowledge on specific adversarial threats and risks to assist with mitigation strategies.
• Understanding and knowledge of PCI requirements relating to vulnerability management.
• Participate in reviewing and developing security strategies, best practices, policies, and procedures.
• Provide leadership, share knowledge, and mentor team members.
• Build working relationships with Macy’s TMRC, leadership, and third parties to identify top threats.
• Communicate identified vulnerabilities and their potential impact to relevant stakeholders, and collaborate across teams on remediation. 
• Document detailed findings, analysis, and recommendations.

Skills You Will Need

Regulatory Compliance: Strong knowledge of regulatory compliance requirements, including PCI-DSS, SOX, and GLBA.

Security Infrastructure: Advanced knowledge in security infrastructure design and architecture for both new implementations and existing infrastructure.

Enterprise Security: Experience in designing and implementing enterprise-wide security strategies, policies, and standards.

Threat Protection: Experience protecting large enterprise environments from internal and external attacks.

Vulnerability Management: Strong understanding of network, physical, application, and web security as it relates to vulnerability management. Advanced knowledge of common vulnerabilities, testing approaches, and remediation strategies.

Security Technologies: Expert understanding of current and emerging security technologies, defense strategies, and industry standards. Ability to determine and recommend security-related products and activities, influencing decision-making processes.

Interpersonal Skills: Advanced leadership, facilitation, and interpersonal skills to work across functional lines and at various levels.

Communication: Excellent written and verbal communication skills, with the ability to read, write, and interpret instructional documents.

Certifications: One or more certifications such as CISSP, CEH, Security+, etc. 

Who You Are

• Dedicated to fulfilling ideals of diversity, inclusion, and respect that Macy’s aspires to achieve every day in every way.
• Candidates with a bachelor’s degree or equivalent work experience in a related field are encouraged to apply. 6-8 years of experience in Information Security or an equivalent combination of education and experience. 
• Regularly required to sit, talk, hear; use hands/fingers to touch, handle, and feel. Occasionally required to move about the workplace and reach with hands and arms. Requires close vision.
• Able to work a flexible schedule based on department and company needs.

What We Can Offer You

• An inclusive, challenging, and refreshingly fun work environment
• Competitive pay and benefits rooted in principles of equity
• Performance incentives and annual merit review
• Merchandise discounts
• Health and Wellness Benefits across medical, dental, vision, and additional insurance
• Retirement Savings Plan with 401k match opportunity
• Employee Assistance Program (mental health counseling and legal/financial advice)
• Resources for continuous learning, career growth, and leadership development
• 8 paid holidays
• Paid Time Off (first year prorated depending on start date)
• Tuition reimbursement program
• Colleague Resource Groups (CRGs) and give-back/volunteer opportunities
• Empowerment and autonomy to perform impactful work with tangible results

About Macy’s

Now is an exciting time for a Macy's career as we continue to focus on creating exciting and memorable experiences for every Macy's customer, whether their journey starts online or in the store. Our opportunities in Sales, Merchandise, Operations, Customer Service, Warehouse, Marketing, and other areas let you express your creativity and commitment to excellence, grow your career and make a difference to your Macy's colleagues and customers.

Bring your creativity, energy, and ideas to the Macy's team – Apply Today!

This job description is not all-inclusive. Macy's, Inc. reserves the right to amend this job description at any time. Macy's, Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.

LEGALRE00

TECH00