IT Security Engineer

Information Technology | Hybrid Remote, Meridian, Idaho

Description

Job Title: IT Security Engineer

Who we are:
As one of the largest for-profit thrift operators in the United States, Canada and Australia for value priced pre-owned clothing, accessories and household goods, our mission is to champion reuse and inspire a future where secondhand is second nature. We supply our stores with gently-used, one-of-a-kind items that have been donated by the community to local nonprofit organizations. We purchase these items directly from our nonprofit partners, redirecting billions of pounds of used items away from landfills and on to our store racks and shelves for reuse, and providing our partners with valuable funding for their community-based programs and services. You’ll often hear us say that we are “Thrift Proud.” It’s the millions of loyal customers who visit our 300+ stores and our more than 22,000 team members that make it possible. Learn more about the Savers® family of thrift stores, our impact, and the #ThriftProud movement at savers.com.
Our brands are Savers (in the U.S.), 2nd Ave (in the U.S.), Value Village (in the U.S. and Canada), Unique (in the U.S.), Village des Valeurs (in Quebec) and Savers Australia.

What you can expect: 
  • The opportunity to celebrate uniqueness. We are made up of people from many different backgrounds, experiences, and perspectives, all with something special to contribute.
  • To work in a purpose-driven company, with a business model that people love for our impact on both the planet and local communities.
  • An investment in the career path interests of our people. With our aggressive store expansion plans, we recognize the importance of the continued growth and development of our team members.

What you get:
Comprehensive onboarding and training from day one.
In-house expertise! Our training department / Savers University develops and delivers robust training to every team member across our organization — from new hires to senior executives. We develop around 90% of our training internally, and partner with a variety of renowned providers to supplement our offerings.
Benefits offerings including:
  • Bundled health plans such as medical, Rx, dental and vision
  • Company-paid life insurance for extra protection and peace of mind
  • Programs to stop smoking, diabetes management coaching, and on-demand care options.
  • A 401k plan with generous company matching contributions to assist you in saving for a secure financial future.
  • Paid time off from work for leisure or other hobbies.
  • A range of mental health services to assist you in managing daily life.

What you’ll be working on:
We are seeking an experienced Security Incident Response Analyst to be responsible for monitoring, investigating, and responding to security incidents to protect our organization’s critical assets. You’ll collaborate with the security team to develop and implement incident response plans, perform root cause analysis, and recommend security improvements to enhance our overall cybersecurity posture.
Essential Job Functions: 
  • Monitoring, analyzing, and correlating security logs, alerts, and events from multiple sources (SIEM, EDR, network, cloud) to detect, triage, and investigate potential security incidents.
  • Collaborating with security operations and cross-functional teams to develop, maintain, and execute incident response plans and standard operating procedures, and to grow the program to adapt to current and future threats.
  • Assisting in the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
  • Performing detailed root cause and impact analysis to determine attack vectors, affected assets, services and potential business risk associated with security incidents.
  • Coordinating and executing incident response activities across the full incident lifecycle, including identification, containment, eradication, and recovery.
  • Documenting incident response actions, timelines, and findings, and producing clear, actionable incident reports and post-incident reviews for technical teams and leadership.
  • Recommending, validating, and assisting with the implementation of security control improvements, detections, and process enhancements based on incident trends and lessons learned.
  • Conducting research regarding the latest methods, tools, and trends in attack techniques and behaviors.
  • Assisting in internally assessing, evaluating and making recommendations to management regarding the adequacy and advancement of security controls for Savers.
  • Assisting with the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.

What you have:
Required Knowledge, Skills, and Abilities:
  • Must have a deep understanding of technical intrusion activities, incident response techniques, tools, and procedures.
  • Must have thorough knowledge of and hands-on experience with SIEM technologies.
  • Execute incident response actions including host isolation, account containment, and malicious artifact removal on multiple platforms like SaaS, PaaS, IaaS, Physical and Hybrid instances.
  • Conduct initial and deep-dive forensic analysis (process execution, persistence mechanisms, lateral movement indicators).
  • Scope incidents to determine affected users, systems, data, and potential business impact.
  • Optimize SIEM correlation rules, EDR detections, and alert thresholds to improve signal quality.
  • Create and maintain detection logic, queries, and dashboards for improved SOC visibility.
  • Thorough knowledge of digital forensics methodology as well as security architecture, system administration, and networking (including TCP/IP, DNS, HTTP, SMTP).
  • Validate new detections through testing and simulation (working experience with red and blue team exercises).
  • Experience with programming languages such as Python, PowerShell, KQL, SQL, etc.
  • Collaborate with engineering, infrastructure, and platform teams to onboard new log sources and telemetry
  • Excellent written and verbal communication skills
  • Excellent organization, time management, and attention to detail.
  • Must be action-oriented and have a proactive approach to solving issues.
  • Ability to work individually and as part of a team.
Minimum Required Education, Training and Experience:
  • GCIH preferred
  • 1-3+ years of SOC or Incident Response experience
Preferred Education, Training and Experience:
  • Associate's or bachelor’s degree in Computer Science, Cyber Security, or a related field preferred
  • One or more of the following incident response certifications: E|CIH, IHRP, CSIH, CIHE
  • Bonus: One or more of the following forensic investigation certifications: CHFI, CFCE, CCE, CSFA, GCFA
Physical Requirements: Ability to lift and carry up to 25 lbs.
Tools and Equipment Used: 
  • Standard office tooling, O365, Visio
  • Laptop or desktop computer, Telephone
FLSA: Exempt
Travel: 10% or less
Work Type/Location: 2041 S. Cobalt Point Way, STE 200, Meridian, ID

Savers is an E-Verify employer
 
 
