Senior Information Security Engineer

Company Description

Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today’s needs and tomorrow’s next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we’re living in and that we have the power to shape.

Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.

Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.

Job Description

Do you love to configure, architect and integrate security tools at scale?  Are you excited be the thought of finding the next great security tool, testing it and integrating it into a Fortune 500 company?  If yes to both, we invite you to join our dynamic information security architecture team where you’ll play a critical role with technologies, processes, integrated solutions, and most importantly people across the enterprise!

We are seeking an experienced and visionary Security Tools Engineer with a profound systems-level understanding of the role security plays in manufacturing, engineering, infrastructure, applications, and cloud. This role places a strong emphasis on expertise in network security, defense in depth, cybersecurity resiliency, and associated capabilities. The successful candidate will possess exceptional communication and collaboration skills, enabling them to effectively tailor discussions to a diverse range of stakeholders. Your expertise and innovative thinking will directly impact the decisions related to the security of infrastructure and data. The Security Tools Engineer will be a key partner to various Information Security teams, as well as across the Information Technology team.  You will work with networking, data center/server, identity and access management, cybersecurity, cloud, and will proactively engage across the enterprise, collaborating with business functions such as engineering and manufacturing. This role requires a keen focus on details, strong organizational skills, and the ability to assess requirements and develop secure solutions that align with business objectives.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Architectural Design and Tool Assessment: Partner with the Lead Security Architect to create a comprehensive systems-level understanding of the organization's infrastructure, applications, and cloud services. Implement robust security architectures that support defense in depth technologies and cybersecurity resiliency. Design secure solutions for complex environments that focus on production quality, resource availability, workflow enablement and productivity.
• Firewall and Tool Administration: Be able to configure and maintain network firewall policies, and administer security tools such as; EDR, PKI, Vulnerability Scanners, Email Security.
• Cybersecurity Subject Matter Expertise: Provide subject matter expertise in network firewalls, intrusion detection / prevention, network segmentation, data protection in motion, network architecture, DNS, endpoint detection and response, network detection and response, data loss prevention, and other cybersecurity related solutions.
• Cybersecurity Representative for Operational Processes: Partner with key stakeholders, technical experts, and business leaders to support operational objectives, define strategies, validate technical configurations, and design policies to safeguard against advanced threats and attacks. Represent information security in key approval processes such as change management, architectural review boards, firewall management, new technology implementation, and security integration.
• Collaboration and Communication: Collaborate closely with cross-functional security teams as well as other technology teams across the company. Tailor communication to effectively convey security concepts to technical and non-technical audiences across the organization. 
• Business Partnership: Proactively engage with business units such as engineering, manufacturing, and other functions to understand their security needs and challenges. Translate these insights into effective security solutions that align with overall business objectives. 
• Security Solutioning: Evaluate business requirements and technical constraints to identify, pilot, and design secure and innovative solutions. Ensure that security measures complement the organization's strategic and operational goals. 
• Risk Assessment and Mitigation: Assist with technical security assessments and security architecture reviews to identify vulnerabilities and potential risks. Collaborate with teams to implement mitigation strategies and enhance overall security posture.
• Security Standards and Best Practices: Lead the development and maintenance of security standards, guidelines, and documentation related to systems architecture, network firewalls, and associated technologies. 
• Continuous Learning: Stay up-to-date with emerging security trends, threats, and technologies. Apply this knowledge to enhance the organization's security framework.

Qualifications

REQUIRED:

• 6+ years of experience in Information Security Engineering roles, with a strong focus on systems-level understanding, data flows / electronic data interchange (EDI), cloud security, network security, endpoint security, data loss prevention, and associated technologies.
• Hands-on experience with administration and configuration of enterprise firewall technologies.
• Hands-on experience configuring enterprise information security technology like EDR, Email Security, Vulnerability Management.

PREFERRED:

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 5+ years of experience in the manufacturing industry with a strong focus on business enablement, resource availability, and intellectual property protection.
• Passion for driving innovative information security solutions across the entire IT technical stack.
• Professional certifications such as CISSP, CISM, or related credentials.

SKILLS:

• Keen ability to build relationships, collaborate with peers, and drive success in complex and complicated situations with aggressive expectations and deadlines.
• Strong understanding of network protocols, encryption, and security best practices.
• Excellent communication and collaboration skills with the ability to engage effectively with and lead discussions on technical and non-technical topics with key stakeholders.
• Experience working with and presenting to senior leadership with a focus on managing and aligning execution with strategic objectives.
• Proven experience in assessing complex requirements and translating them into practical, secure solutions.
• Familiarity with cloud security architecture and cloud service providers is advantageous.
• Knowledge of compliance standards and regulations (e.g., GDPR, NIST CSF, NIST 8183, PCI, IATF, ISO27001) is beneficial.

Additional Information

Sandisk is committed to providing equal opportunities to all applicants and employees and will not discriminate based on their race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person’s gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person’s assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the Equal Employment Opportunity is the Law poster.

Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.

Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at jobs.accommodations@wdc.com to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.

Based on our experience, we anticipate that the application deadline will be 05/26/2025 (3 months from posting), although we reserve the right to close the application process sooner if we hire an applicant for this position before the application deadline. If we are not able to hire someone from this role before the application deadline, we will update this posting with a new anticipated application deadline.

#LI-RT1

Compensation & Benefits Details

• An employee’s pay position within the salary range may be based on several factors including but not limited to (1) relevant education; qualifications; certifications; and experience; (2) skills, ability, knowledge of the job; (3) performance, contribution and results; (4) geographic location; (5) shift; (6) internal and external equity; and (7) business and organizational needs.
• The salary range is what we believe to be the range of possible compensation for this role at the time of this posting.  We may ultimately pay more or less than the posted range and this range is only applicable for jobs to be performed in California, Colorado, New York or remote jobs that can be performed in California, Colorado and New York.  This range may be modified in the future.
• You will be eligible to participate in Sandisk's Short-Term Incentive (STI) Plan, which provides incentive awards based on Company and individual performance.  Depending on your role and your performance, you may be eligible to participate in our annual Long-Term Incentive (LTI) program, which consists of restricted stock units (RSUs) or cash equivalents, pursuant to the terms of the LTI plan. Please note that not all roles are eligible to participate in the LTI program, and not all roles are eligible for equity under the LTI plan. RSU awards are also available to eligible new hires, subject to Sandisk's Standard Terms and Conditions for Restricted Stock Unit Awards.
• We offer a comprehensive package of benefits including paid vacation time; paid sick leave; medical/dental/vision insurance; life, accident and disability insurance; tax-advantaged flexible spending and health savings accounts; employee assistance program; other voluntary benefit programs such as supplemental life and AD&D, legal plan, pet insurance, critical illness, accident and hospital indemnity; tuition reimbursement; transit; the Applause Program, employee stock purchase plan, and the Sandisk's Savings 401(k) Plan.
• Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.