Staff Cybersecurity Penetration Tester Job at Southern Glazer's Wine and Spirits

Job Title: Staff Cybersecurity Penetration Tester

Shape a remarkable future with us. Build a career working for an industry leader that truly invests in their people – and equips them with leading technology, continuous learning, and the ability to bring their best selves to work.

Southern Glazer’s is a family-owned business with deep roots dating back to 1933 and is recognized by Newsweek as one of America’s Greatest Workplaces for Inclusion and Diversity.

As a full-time employee, you can choose from a wide-ranging menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan.

Overview

The Staff Cybersecurity Analyst plays a pivotal role in safeguarding the organization's sensitive information by leveraging advanced security tools and methodologies. This position involves conducting comprehensive system and network assessments to identify and address policy deviations and investigating sophisticated security events to mitigate threats.

Primary Responsibilities

• Participate in security assessment development and guide content review.
• Understand and practice operating procedures and supports related communication and implementation.
• Provide mentoring and strategic guidance on projects, programs, tools, systems, applications, and networks to ensure proactive identification and mitigation of security risks.
• Work with data to identify patterns related to threat analysis.
• Hypothesize & validate new threats and indicators of compromise.
• Research, analyze, and document the applicability and feasibility of Cyber technology in support of SGWS security.
• Leads in the design, development, implementation, and management of core processes.
• Guides solution options and decision making for security concerns and infractions.
• Perform penetration testing on applications, networks, APIs, and cloud environments in accordance with established methodologies and industry standards.
• Prepare detailed technical reports and executive summaries outlining findings, risk ratings, and remediation recommendations.
• Lead and participate in red team exercises and advanced adversary simulations as required.
• Maintain up-to-date knowledge of emerging threats, attack techniques, and security tools.
• Must be available to work nights and weekends as needed to support penetration testing windows and related security activities.

Preferred Qualifications

• Advanced penetration testing certifications, e.g., OSCP, OSEP, OSCE3, etc.
• Advanced Information Security Certifications, e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), etc.
• Extensive experience in the development and implementation of security strategies, policies, and procedures.
• Advanced knowledge of firewalls and encryption to identify potential weaknesses and implement measures.
• Strong understanding of security controls, conceptual models, and frameworks to monitor security posture and enhance security features.
• Proven ability to manage several projects simultaneously from design to implementation, while balancing multiple stakeholder priorities.
• Ability to monitor and report status on security matters to develop security risk analysis scenarios and response procedures.
• Proficiency in advanced security tools and technologies.
• Knowledge and application of advanced threat detection and mitigation techniques.
• Experienced with cloud security solutions and best practices.
• Expertise in network security protocols and practices.

Minimum Qualifications

• 8+ years of experience in IT/network security/cybersecurity.
• Extensive experience in information risk concepts and principles, as a means of relating business needs to security controls.
• Proficiency with security frameworks (e.g., NIST, ISO, etc.).
• Proven experience in working with multiple, diverse technologies and processing environments.

EEO Statement

Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.