Whole Foods Market is synonymous with impeccable standards and the highest quality products available. Our Information Technology Team is looking for a Security Operations Engineer to help drive the Information Security program forward.
The Information Security team owns the end-to-end security of all systems and data across Whole Foods Market.
As a Security Operations Engineer you will help ensure our systems and services are designed and implemented to the highest standards. If you enjoy analyzing, discovering and addressing security issues and quickly reacting to new threat scenarios, this position will provide you with a challenging opportunity. You will also participate in building out our visibility, detection and response capabilities across the global infrastructure of Whole Foods Market.
This role will draw on multiple disciplines:
· Security Engineering: emphasis on operating systems and networking, foundational Internet services, modern exploitation techniques, and hacking tools.
· Data Science and Intelligence Analysis: emphasis on detecting anomalies in large unstructured data sets, ability to synthesize data and reports from different sources, make logical inferences about that data, and publish results.
· Software Development: ability to develop your own small tools and scripts to aid in data processing or other aspects of an investigation.
· Bachelor’s degree in Computer Science or related field or equivalent experience.
· 4+ years of experience in Security Operations using performing Incident response, Forensics and analysis. Expertise in writing run books, and complexity analysis.
· Runs vulnerability scans and reviews vulnerability assessment reports. Manages and configures security monitoring tools (netflows, IDS, correlation rules, etc.)
· Strong experience in security engineering and network technologies(PCAP, Netflow), Operating Systems and network security, common attack patterns and exploitation techniques
· Practical knowledge of system security analysis techniques such as threat modeling, attack graphs, etc.
· Data Science techniques such as clustering, anomaly detection, and machine learning leveraging data analysis tools such as OSSEC, Splunk, Behavioral Analytics, SQL, R, or MatLab
· Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
· Excellent written and verbal communication skills
· Master’s in Computer Science or related field
· Security certifications (CISSP, GCIA, GCIH, GCFA, GCFE etc.)
· Experience with Security Operations, Incident Response, Threat Hunting and Assurance methodologies e.g. fuzzing, static and dynamic code analysis
· Experience with common attack patterns and exploitation techniques. Ability to write fully functional exploits for common vulnerabilities such as simple stack overflow, cross-site scripting, or SQL injection
· Experience in using standard Security Assessment and Penetration Testing tools such as BurpSuite, Metasploit, and IDA Pro
· Knowledge of technical security issues facing large multinational companies
Amazon is an Equal Opportunity-Affirmative Action Employer – Minority / Female / Disability / Veteran / Gender Identity / Sexual Orientation / Age