Cooper's Hawk Winery & Restaurant
Senior Information Security Engineer
Cooper's Hawk Winery & Restaurant, Downers Grove, Illinois, United States, 60516
As a member of the Coopers Hawk Information Security Team, the
Information Security Engineer Application, Cloud, and Infrastructure Security
will be responsible for protecting our enterprise systems and hybrid infrastructure, including Azure, Oracle Cloud, Salesforce, and on-premises environments. This role focuses on securing systems, applications, and services supporting our business, such as the wine club, restaurant, website, mobile apps, and POS. Youll help implement security best practices across cloud and on-prem platforms, ensuring data protection, regulatory compliance, and resilience against modern threats. Youll collaborate with teams across Applications, Data & Digital, and Infrastructure & Operations to embed security into our technology ecosystem. What Youll Do :
Design, implement, and maintain security controls across Coopers Hawks hybrid infrastructure, focusing on Microsoft Azure, Oracle Cloud (ERP, Simphony POS), and Salesforce Commerce Cloud, ensuring secure configurations and minimal attack surface. Develop and maintain secure configuration standards for cloud services, especially Azure. Engineer and manage security tools across cloud and on-prem environments, including Microsoft Defender for Endpoint, Defender for Identity, Cisco VPN, Meraki firewalls, and Cloudflare WAF. Integrate security into the SDLC by embedding SAST, DAST, and SCA tools into GitHub and CI/CD pipelines, promoting secure coding through threat modeling and code reviews. Strengthen APIs and customer-facing applications, including Salesforce Commerce Cloud, using best practices. Manage Cloudflare WAF policies, bot mitigation, and access rules to protect against OWASP Top 10 threats, credential stuffing, and scraping attempts. Secure restaurant technology, including Oracle Simphony POS and mobile devices, ensuring PCI-DSS 4.0 compliance through segmentation, endpoint protection, and logging. Support identity and access controls across Azure Entra ID and on-prem Active Directory, including Conditional Access Policies, RBAC, JIT, and MFA. Monitor and respond to threats by tuning detections, supporting investigations, and coordinating incident containment and recovery with MDR and SOC teams. Conduct threat modeling, risk assessments, and security reviews, especially for new cloud deployments and integrations. Perform vulnerability assessments and penetration testing, tracking remediation to closure based on risk. Lead and participate in security projects, including PCI-DSS audits, NIST CSF 2.0 alignment, and cloud security improvements. Research emerging threats, CVEs, and TTPs to maintain defenses and detection rules. What Youll Need :
Bachelors degree in information security, Computer Science, or related field, or equivalent experience. 5+ years of experience in infrastructure and application security within hybrid environments. Technical expertise with Windows Server, Active Directory, Entra ID, and networking concepts. Experience with enterprise security tools like EDR, IPS, IAM, DLP, vulnerability management. Knowledge of cloud security best practices, especially in Azure and AWS. Understanding of application security principles, OWASP Top 10, secure SDLC, API security. Experience integrating security into DevOps pipelines, managing WAFs, API gateways, and bot protection. Familiarity with Salesforce security configurations. Hands-on with SIEM, IDS/IPS, endpoint protection, firewalls, monitoring tools. Knowledge of PCI-DSS, NIST CSF, SOX/ITGC frameworks. Strong communication and problem-solving skills, ability to work across teams. Ability to design and maintain security controls aligned with best practices. Preferred Qualifications
Security certifications (e.g., CISSP, CISM, CCSK). Experience in hospitality, restaurant, or retail industry. Familiarity with DevSecOps and CI/CD security practices. Compensation Range : $120,000-$150,000 annually, based on experience and qualifications. What Youll Get :
Discounts on dining and retail wine, events, and tasting experiences. Comprehensive health insurance, 401(k), HSA, disability, life insurance, and parental leave. Paid time off, recognition programs, gym membership, flexible hybrid work schedule, and incentives. Coopers Hawk is an equal opportunity employer and provides reasonable accommodations during the employment process. The benefits listed are highlights; eligibility varies. About Us
Cooper's Hawk Winery & Restaurants aims to bring the Napa Valley experience nationwide, combining tasting rooms with restaurants and scratch kitchens. Our wines have won awards, and we are committed to community through food and wine, with a large wine club membership. #J-18808-Ljbffr
Information Security Engineer Application, Cloud, and Infrastructure Security
will be responsible for protecting our enterprise systems and hybrid infrastructure, including Azure, Oracle Cloud, Salesforce, and on-premises environments. This role focuses on securing systems, applications, and services supporting our business, such as the wine club, restaurant, website, mobile apps, and POS. Youll help implement security best practices across cloud and on-prem platforms, ensuring data protection, regulatory compliance, and resilience against modern threats. Youll collaborate with teams across Applications, Data & Digital, and Infrastructure & Operations to embed security into our technology ecosystem. What Youll Do :
Design, implement, and maintain security controls across Coopers Hawks hybrid infrastructure, focusing on Microsoft Azure, Oracle Cloud (ERP, Simphony POS), and Salesforce Commerce Cloud, ensuring secure configurations and minimal attack surface. Develop and maintain secure configuration standards for cloud services, especially Azure. Engineer and manage security tools across cloud and on-prem environments, including Microsoft Defender for Endpoint, Defender for Identity, Cisco VPN, Meraki firewalls, and Cloudflare WAF. Integrate security into the SDLC by embedding SAST, DAST, and SCA tools into GitHub and CI/CD pipelines, promoting secure coding through threat modeling and code reviews. Strengthen APIs and customer-facing applications, including Salesforce Commerce Cloud, using best practices. Manage Cloudflare WAF policies, bot mitigation, and access rules to protect against OWASP Top 10 threats, credential stuffing, and scraping attempts. Secure restaurant technology, including Oracle Simphony POS and mobile devices, ensuring PCI-DSS 4.0 compliance through segmentation, endpoint protection, and logging. Support identity and access controls across Azure Entra ID and on-prem Active Directory, including Conditional Access Policies, RBAC, JIT, and MFA. Monitor and respond to threats by tuning detections, supporting investigations, and coordinating incident containment and recovery with MDR and SOC teams. Conduct threat modeling, risk assessments, and security reviews, especially for new cloud deployments and integrations. Perform vulnerability assessments and penetration testing, tracking remediation to closure based on risk. Lead and participate in security projects, including PCI-DSS audits, NIST CSF 2.0 alignment, and cloud security improvements. Research emerging threats, CVEs, and TTPs to maintain defenses and detection rules. What Youll Need :
Bachelors degree in information security, Computer Science, or related field, or equivalent experience. 5+ years of experience in infrastructure and application security within hybrid environments. Technical expertise with Windows Server, Active Directory, Entra ID, and networking concepts. Experience with enterprise security tools like EDR, IPS, IAM, DLP, vulnerability management. Knowledge of cloud security best practices, especially in Azure and AWS. Understanding of application security principles, OWASP Top 10, secure SDLC, API security. Experience integrating security into DevOps pipelines, managing WAFs, API gateways, and bot protection. Familiarity with Salesforce security configurations. Hands-on with SIEM, IDS/IPS, endpoint protection, firewalls, monitoring tools. Knowledge of PCI-DSS, NIST CSF, SOX/ITGC frameworks. Strong communication and problem-solving skills, ability to work across teams. Ability to design and maintain security controls aligned with best practices. Preferred Qualifications
Security certifications (e.g., CISSP, CISM, CCSK). Experience in hospitality, restaurant, or retail industry. Familiarity with DevSecOps and CI/CD security practices. Compensation Range : $120,000-$150,000 annually, based on experience and qualifications. What Youll Get :
Discounts on dining and retail wine, events, and tasting experiences. Comprehensive health insurance, 401(k), HSA, disability, life insurance, and parental leave. Paid time off, recognition programs, gym membership, flexible hybrid work schedule, and incentives. Coopers Hawk is an equal opportunity employer and provides reasonable accommodations during the employment process. The benefits listed are highlights; eligibility varies. About Us
Cooper's Hawk Winery & Restaurants aims to bring the Napa Valley experience nationwide, combining tasting rooms with restaurants and scratch kitchens. Our wines have won awards, and we are committed to community through food and wine, with a large wine club membership. #J-18808-Ljbffr