Sr. Information Security Engineer

Bengaluru, KA, India


About Blackhawk Network

Today, through BHN’s single global platform, businesses of all kinds can tap into the world’s largest network of branded payment solutions. BHN helps businesses grow revenue, increase loyalty, motivate and reward their teams, disburse funds and engage consumers. Branded payment solutions include the issuance and distribution of gift cards, egifts, corporate payouts and rewards, along with the technology to deliver these products in seamless, integrated ways. BHN’s network spans the globe with more than 400,000 consumer touchpoints. Learn more at BHN.com.

Overview

We are looking for an experienced and highly motivated Enterprise Information Security Engineer II to join our security team. In this role, you will be responsible for implementing, automating, and managing security solutions across the enterprise infrastructure. You will work with a variety of security tools, including Axonius, CrowdStrike, and others, to ensure that our network, systems, and cloud environments are secure. The ideal candidate will have a strong foundation in security controls, scripting, automation, and working with a diverse range of technologies in a fast-paced, evolving environment.

Responsibilities

  • Security Engineering and Automation:
    • Design, implement, and automate security controls for a wide range of technologies including Active Directory, firewalls, networking, cloud environments (AWS, Azure, GCP), and operating systems (Windows, Linux, macOS).
    • Develop and maintain automated scripts (e.g., in Python, PowerShell, or Bash) to streamline security operations, incident response, and vulnerability management processes.
    • Leverage security tools such as Axonius, CrowdStrike, Tenable, and Splunk to automate monitoring, reporting, and alerting for security incidents.
    • Automate data gathering, integration, and reporting across security platforms to enable better security posture and compliance visibility.
  • Monitoring, Detection, and Response:
    • Implement logging, monitoring, and alerting solutions across corporate networks, cloud environments, and endpoints to detect and respond to security incidents.
    • Develop and enhance SIEM (Security Information and Event Management) capabilities for better visibility and response to security events.
    • Work with security tools to ensure endpoint protection, including vulnerability management, patching, and threat hunting, specifically leveraging tools like CrowdStrike for endpoint protection and threat intelligence.
  • Identity and Access Management:
    • Lead efforts around the implementation of Identity and Access Management (IAM) solutions to enforce security policies, including OAuth2, SSO, SAML, Federated Identity, and RBAC.
    • Ensure appropriate controls are in place to manage access to sensitive corporate and production data, leveraging IAM tools and automation to minimize manual interventions.
  • Security Architecture and Risk Management:
    • Design and implement secure architecture for both corporate and production systems, ensuring "defense-in-depth" strategies are applied.
    • Conduct threat modeling, vulnerability assessments, and risk analysis to continuously improve security posture.
    • Participate in the development and enforcement of security policies, procedures, and standards to ensure compliance with regulatory frameworks such as PCI, SOX, SOC-2, HIPAA, GDPR, NIST, and ISO.
  • Collaboration and Independence:
    • Work collaboratively with cross-functional teams (DevOps, IT, Cloud, etc.) to integrate security practices into development pipelines and IT operations.
    • Be capable of working independently or with minimal supervision, managing tasks, priorities, and deadlines effectively.
    • Assist in mentoring and providing guidance to junior team members as needed.
  • Continuous Improvement and Research:
    • Stay updated on emerging security threats, vulnerabilities, and technologies to continuously enhance security practices and tooling.
    • Develop and contribute to best practices for automation and optimization of security operations.

Qualifications

  • Experience:
    • 4+ years of hands-on experience in the following areas:
      • Security control implementations for technologies including Active Directory, Firewalls, Networking (VPNs, proxies, IDS/IPS), Cloud Services (AWS, Azure, GCP), and Operating Systems (Windows, Linux, macOS).
      • Security tool integration and automation using tools such as Axonius, CrowdStrike, Splunk, Palo Alto, Qualys, and others.
      • Implementing defense-in-depth security designs for corporate and production infrastructure.
      • Scripting and automation of security tasks using Python, PowerShell, Bash, or similar languages.
      • Working with SIEM systems, including log aggregation, alerting, and automated response mechanisms.
  • Technical Skills:
    • Expertise in Identity and Access Management concepts such as OAuth2, SSO, SAML, Federated Identity, and RBAC.
    • Deep understanding of network security concepts (e.g., firewall configuration, network segmentation, proxies, and IPS/IDS systems).
    • Strong knowledge of endpoint security, threat detection, and incident response, specifically leveraging tools like CrowdStrike for endpoint monitoring and response.
    • Experience with application security practices such as SAST, DAST, and WAF implementations.
    • Familiarity with compliance frameworks such as PCI, SOX, SOC-2, HIPAA, GDPR, NIST, and ISO, and ensuring systems and infrastructure meet these standards.
  • Certifications (Preferred):
    • SANS GIAC, CISSP, ISC2, ISACA, OSCP/OSCE, or equivalent security certifications.
  • Additional Requirements:
    • Ability to work in a fast-paced, dynamic environment with minimal supervision.
    • Strong communication skills and ability to collaborate effectively with cross-functional teams.
    • Willingness to participate in on-call rotations for critical issues.

Tags: Active Directory Application security Automation AWS Azure Bash CISSP Cloud Compliance CrowdStrike DAST DevOps Endpoint security Firewalls GCP GDPR GIAC HIPAA IAM IDS Incident response IPS ISACA Linux MacOS Monitoring Network security NIST OSCE OSCP PowerShell Python Qualys Risk analysis Risk management SAML SANS SAST Scripting SIEM SOC SOX Splunk SSO Threat detection Threat intelligence VPN Vulnerabilities Vulnerability management Windows

Perks/benefits: Team events

Region: Asia/Pacific
Country: India
