SENIOR ADVANCED SECURITY ENGINEER at Kroger Tech & Digital in Blue Ash, Ohio

Job Description:

Location: Cincinnati, OH, Boca Raton, FL, Charlotte, NC, or Portland, OR

**This role requires 4 days/ week onsite

As a Sr. Advanced Security Engineer on our CIS Cyber Resilience Team, you'll be at the forefront of protecting Kroger's digital assets. Your mission, should you choose to accept it, involves diving deep into application security, pen-testing, and secure coding practices. You'll play a crucial role in identifying and mitigating vulnerabilities, ensuring our applications and infrastructure are rock-solid.

What You'll Do:

• Assess & Protect: Conduct thorough security assessments and pen-tests on Kroger websites and services.
• API Security: Lead the charge in supporting our new solution for API-based security issues.
• Tool Mastery: Provide expert support for various application security tools, becoming the go-to person for all things security.
• Educate & Advocate: Help developers understand vulnerabilities and articulate the risks, guiding them on effective remediation techniques.
• Collaborate & Innovate: Work closely with architects, developers, and CIS counterparts, while also engaging with industry experts and utilizing cutting-edge tools to stay ahead of threats.

Skills Required:

• Experience with Dynamic Application Security Tools (specifically HCL Appscan, Burp Suite)
• Experience with Static Source Code Analysis Tools (specifically SNYK)
• Experience with Software Composition Analysis Tools (specifically SNYK)
• Experience with API Security Tools (specifically NoName Security)
• Experience with PostMan API Platform
• Proficiency in programming and scripting languages.

Responsible for the planning, design and build of security architectures to ensure strong security posture, compliance with regulations, and safeguard customer's data. Manage information systems security, including disaster recovery, database protection, and software development. Demonstrate the company's core values of respect, honesty, integrity, diversity, inclusion and safety.From one tiny Cincinnati grocery store more than a century ago, we've grown into what today is the nation's largest grocer with nearly 2,800 stores in 35 states operating under 28 different names. As America's grocer, we take pride in bringing diverse teams with a passion for food and people together with one common purpose: To Feed the Human Spirit. With a history of innovation, we work tirelessly to create amazing experiences for our customers, communities AND each other, with food at the heart of it all.

Here, people matter. That's why we strive to provide the ingredients you need to create your own recipe for success at work and in life. We help feed your future by providing the value and care you need to grow. If you're caring, purpose-driven and hungry to learn, your potential is unlimited.

Whether you're seeking a part-time position or a new career path, we've got a fresh opportunity for you. Apply today to become part of our Kroger family!

What you'll receive from us:

The Kroger Family of Companies offers comprehensive benefits to support your Associate Well-Being, including Physical, Emotional, Financial and more. We'll help you thrive, with access to:

• A wide range of healthcare coverage, including affordable, comprehensive medical, dental, vision and prescription coverage, through company plans or collective bargaining agreement plans.
• Flexible scheduling in full- and part-time roles with paid time off, including holiday and sick pay based on eligibility and length of service.
• Emotional and financial support with free counseling through our Employee Assistance Program and free, confidential financial tools and coaching with Goldman Sachs Ayco.
• Valuable associate discounts on purchases, including food, travel, technology and so much more.
• Up to $21,000 in tuition reimbursement over your career, through our industry-leading Continuing Education program.
• Vast potential for growth, through an abundance of industry-leading training programs and diverse career pathways.

For more information about benefits and eligibility, please visit our Benefits Page ! Minimum
- Bachelor's Degree computer science, information systems, or related technical field
- 10+ years of experience in a related security field
- Proven ability to design and build scalable, high volume, and low latency applications
- Experience in one or more of the common languages (e.g., Perl, Python, Ruby, shell scripting)
- Advanced knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)

Desired
- Master's Degree computer science, information systems, or related technical field- Oversee information security tools/services including; Identity & Access mgmt, cloud security, cryptography, logging & alerting, security operation, malware detection, incident response, vulnerability scanning, penetration testing, security architecture, & digital forensics
- Guide the implementation of network and computer security and ensures compliance with corporate cybersecurity policies and procedures
- Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software
- Monitor server and firewall logs, scrutinize network traffic, establish and update vulnerability scans
- Analyze and resolve highly complex and unique security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required
- Manage and ensure the security of databases and data transferred both internally and externally
- Oversee penetration testing of all systems in order to identify system vulnerabilities; design, implement, and report on security system and end user activity audits
- Develop new and modify existing security policies and procedures to maintain compliance
- Evaluate existing and recommend new and emerging security technologies
- Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts
- Communicate important updates with key stakeholders across the organization
- Coach and mentor other members of the security engineering team
- Must be able to perform the essential job functions of this position with or without reasonable accommodation

Apply Now