Data Engineer – Costco Jobs
Job Description
Job Type: Data Engineer from home
Location: Texas work from home
Company: Costco
Position Description:
This Engineer role will be a critical member of the Security Engineering – Data Security team, which will design, develop, and deploy DLP-related products, services, programs, and initiatives. They will also collaborate with management and vendors on product consideration; perform auditing of information system activities; provide consultative services as a Subject Matter Expert; drive innovation in technology, process, and procedure; maintain operational excellence for their tools, services, and programs; create and maintain documentation related to policies, standards, and procedures; and lead and mentor team members with less subject matter expertise. This will entail collaborating with numerous groups across IT, both domestically and abroad.
ROLE
- Evaluates existing Security Engineering platforms and technologies.
- Provides a path for addressing capacity gaps, improving maturity, and innovating.
- Identifies, develops, and executes systems for detecting sensitive data and security issues in order to improve compliance with and support for existing security standards and procedures.
- Team members are mentored and developed.
- Tooling and instrumentation are evaluated and hardened to prevent cybersecurity exploits.
- Performs duties required to assist in the establishment of procedures and system configurations to ensure the safety of information system assets and to secure information systems from unauthorized or unintentional access or destruction.
- Work with information system custodians (i.e., department managers, user community, and systems administrators) at various levels of the organization to understand their respective security needs and to assist in the implementation of practices and procedures consistent with Costco’s Information Security Policy.
- Helps in the monitoring and auditing of information system activities and systems in order to validate information security policy compliance and to deliver security policy compliance assessments and system monitoring reports to management.
- Collaborates with stakeholders to develop security solutions that meet their business needs.
- Conducts security risk assessments on new goods and systems, as well as on existing systems on a regular basis, to discover and/or recommend relevant security countermeasures and best practices.
- Coordinates loss prevention initiatives and interactions with legal and law enforcement as needed.
- Identifies security gaps that expose Costco to potential exploits and prepares short and long term priority remediation plans to remedy those gaps, ensuring management is kept up to date on the risk.
REQUIRED
- Subject Matter Expertise with Data Loss Prevention capabilities such as Data Discovery, Data Tagging, Data Classification, Data Segregation, and Data Loss Prevention.
- Subject Matter Expertise with Data Loss Prevention (DLP) capabilities for data at rest, data in use, and data in transit.
- Hands-on expertise with a variety of DLP tools, including Symantec/McAfee DLP, Tanium, Proofpoint/Mimecast/Netskope, Google Workspace/Google Cloud, CASB, Structured and Unstructured Data Discovery and Management.
- Hands-on expertise with and knowledge of one or more operating systems, including Windows, Linux, AIX, macOS, and iSeries.
- Experience in automation and orchestration in the management of server and workstation infrastructure at scale.
- Proficiency with at least one scripting/programming language, such as PowerShell, shell scripting, Python, and so on.
- API integration experience with various systems.
- DLP technology experience and integration with network platforms such as firewalls, UTMs, and proxies.
- Expertise with network segmentation and/or security zones for data classification-appropriate data protection.
- Working knowledge of authentication protocols such as Kerberos, SAML, OAUTH, and others is required.
- Eager to share expertise and aid coworkers in understanding technical and business problems.
- Working understanding of security standards and practices for information systems (e.g., access control, system hardening, system auditing, log file monitoring, security policies, and incident handling).
- Knowledge of networking protocols, web technologies, and cloud computing is required.
- Ability to understand data and processes related to information security in order to identify potential compliance concerns.
- The ability to swiftly grasp complex data flows in order to identify and confirm security requirements.
- Must be a team player that is eager to build strong positive working relationships with all aspects of the organization.
- Capability to function efficiently without assistance or supervision.
- Innovative, imaginative, and quick to respond with a strong feeling of urgency.
- Ability to convey information security issues clearly to executives, auditors, end users, and engineers by utilizing suitable language, examples, and tone.