The role of every Information Security team member is to support the overarching values and business goals of Costco Wholesale as they relate to meeting legal, ethical and regulatory obligations; protecting member privacy; and maintaining a security technology environment for our operations. The Information Security Engineer provides consultative services, works with vendors for product consideration and recommendation, performs monitoring and auditing of information system activities, creates and maintains documentation related to policies, standards and procedures; and, mentors team members with lesser subject matter expertise.
Job Duties/Essential Functions
* Works with stakeholders to provide security solutions that support their business requirements. * Works to create roadmap for consolidation and integration of enterprise and/or security platforms. * Performs the project manager role on security-related projects. * Identifies existing security gaps and design remediation efforts to address those gaps. * Assess and/or design centralized user and configuration management systems. * Performs and/or coordinate regular security assessments of existing or new infrastructure. * Performs duties necessary to assist in establishing practices and system configurations to ensure the safety of information systems assets and to protect information systems from intentional or inadvertent access or destruction. * Works with information systems custodians (i.e., department managers, user community and systems administrators) at different levels in the organization to understand their respective security needs and assist with implementing practices and procedures consistent with Costco's Information Security Policy. * Assists with monitoring and auditing of information systems activities and systems to confirm information security policy compliance and provide management with security policy compliance assessments and system monitoring reports. * Develops and maintains centralized information systems security standards, procedures, and guidelines. * Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance with and support of security standards and procedures in place. * Conducts security risk assessments on new products and systems, periodic security risk assessments on existing systems and identify and/or recommend appropriate security countermeasures and best practices. * Responds to discovered security incidents by informing appropriate custodians, determining root cause, and identifying and executing remedial actions (if necessary) required to re-establish respective information system security. * Coordinates activities or engagements with loss prevention, interact with legal and law enforcement as required. * Regular and reliable workplace attendance at your assigned location.
* Assists in other areas of the department as necessary. * Assists in other areas of the company as necessary.
Ability to operate vehicles, equipment or machinery
* Successful internal candidates will have spent one year or more on their current team.
* Management will review the Job Analysis for this position prior to a job offer.
To Apply: Use the link below to upload all required documents to
Apart from any religious or disability considerations, open availability is needed to meet the needs of the business. If hired, you will be required to provide proof of authorization to work in the United States. Applicants and employees for this position will not be sponsored for work authorization, including, but not limited to H1-B visas.