Senior Information Security Engineer

Company Description

Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today’s needs and tomorrow’s next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we’re living in and that we have the power to shape.

Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.

Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.

Job Description

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Architectural Design and Tool Assessment: Partner with the Lead Security Architect to create a comprehensive systems-level understanding of the organization's infrastructure, applications, and cloud services. Implement robust security architectures that support defense in depth technologies and cybersecurity resiliency. Design secure solutions for complex environments that focus on production quality, resource availability, workflow enablement and productivity.
• Firewall and Tool Administration: Be able to configure and maintain network firewall policies, and administer security tools such as; EDR, PKI, Vulnerability Scanners, Email Security.
• Cybersecurity Subject Matter Expertise: Provide subject matter expertise in network firewalls, intrusion detection / prevention, network segmentation, data protection in motion, network architecture, DNS, endpoint detection and response, network detection and response, data loss prevention, and other cybersecurity related solutions.
• Cybersecurity Representative for Operational Processes: Partner with key stakeholders, technical experts, and business leaders to support operational objectives, define strategies, validate technical configurations, and design policies to safeguard against advanced threats and attacks. Represent information security in key approval processes such as change management, architectural review boards, firewall management, new technology implementation, and security integration.
• Collaboration and Communication: Collaborate closely with cross-functional security teams as well as other technology teams across the company. Tailor communication to effectively convey security concepts to technical and non-technical audiences across the organization. 
• Business Partnership: Proactively engage with business units such as engineering, manufacturing, and other functions to understand their security needs and challenges. Translate these insights into effective security solutions that align with overall business objectives. 
• Security Solutioning: Evaluate business requirements and technical constraints to identify, pilot, and design secure and innovative solutions. Ensure that security measures complement the organization's strategic and operational goals. 
• Risk Assessment and Mitigation: Assist with technical security assessments and security architecture reviews to identify vulnerabilities and potential risks. Collaborate with teams to implement mitigation strategies and enhance overall security posture.
• Security Standards and Best Practices: Lead the development and maintenance of security standards, guidelines, and documentation related to systems architecture, network firewalls, and associated technologies. 
• Continuous Learning: Stay up-to-date with emerging security trends, threats, and technologies. Apply this knowledge to enhance the organization's security framework.

Qualifications

REQUIRED:

• 6+ years of experience in Information Security Engineering roles, with a strong focus on systems-level understanding, data flows / electronic data interchange (EDI), cloud security, network security, endpoint security, data loss prevention, and associated technologies.
• Hands-on experience with administration and configuration of enterprise firewall technologies.
• Hands-on experience configuring enterprise information security technology like EDR, Email Security, Vulnerability Management.

PREFERRED:

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 5+ years of experience in the manufacturing industry with a strong focus on business enablement, resource availability, and intellectual property protection.
• Passion for driving innovative information security solutions across the entire IT technical stack.
• Professional certifications such as CISSP, CISM, or related credentials.

SKILLS:

• Keen ability to build relationships, collaborate with peers, and drive success in complex and complicated situations with aggressive expectations and deadlines.
• Strong understanding of network protocols, encryption, and security best practices.
• Excellent communication and collaboration skills with the ability to engage effectively with and lead discussions on technical and non-technical topics with key stakeholders.
• Experience working with and presenting to senior leadership with a focus on managing and aligning execution with strategic objectives.
• Proven experience in assessing complex requirements and translating them into practical, secure solutions.
• Familiarity with cloud security architecture and cloud service providers is advantageous.
• Knowledge of compliance standards and regulations (e.g., GDPR, NIST CSF, NIST 8183, PCI, IATF, ISO27001) is beneficial.

Additional Information

Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.

Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at jobs.accommodations@sandisk.com to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.

NOTICE TO CANDIDATES: Sandisk has received reports of scams where a payment is requested on Sandisk’s behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline or email compliance@sandisk.com.