Monday , October 19 2020

Costco Jobs – Information Security Analyst

Costco Wholesale

Job Description

Information Security team member is to support the overarching values and business goals of Costco, including meeting legal, ethical and regulatory obligations; protecting member privacy; and maintaining a secure technology environment for our operations.

The Analysts perform monitoring and auditing of information system activities utilizing multiple security related tools to ensure security best practices are enforced; create and maintain documentation related to policies, standards and procedures; and mentor team members with lesser subject matter expertise, and provide consultative services to teams and stakeholders to improve their environments.  Also works with vendors for product consideration and recommendation.

Job Responsibilities

  • Assumes leadership role in advocating internally and externally for compliance to security measures to protect corporate applications and environments
  • Maintains updated environmental documentation
  • Coordinates with Incident Response team to remediate discovered security incidents as needed
  • Is an active and contributing member of the Security Operations team, actively participates in team activities and planning in regards to improving team skills, awareness, communication, reputation and quality of work
  • Collects and aggregates information from a wide variety of sources and format for relevance to our environment; monitors and provides metrics on threat level of data
  • Establishes rapport with other IS teams to mature the DLP program and efficiently scan the environment
  • Plans, develops, and executes DLP scans of a wide variety of global corporate and business information systems
  • Identifies, develops, and implements mechanisms to detect sensitive data and how they may lead to corporate incidents in order to enhance compliance with and support of security standards and procedures
  • Builds and maintains vendor partnerships to further Costco’s mission and goals
  • Effectively collaborates and communicates with Compliance, Internal Audit, the Business teams and others to identify, analyze and communicate risk and provide support around DLP management within their business requirements
  • Analyzes and responds to data loss incidents/alerts via enterprise console and other sources
  • Responds to tickets and incidents in a proactive manner
  • Works with information systems owners and administrators to understand their security needs and assist with implementing practices and procedures consistent with Costco’s security policies
  • Works analytically to solve both tactical and strategic problems within the DLP program
  • Understands compliance requirements that may impact security and effectively collaborate with business areas and project teams to develop security solutions that address these requirements

Job Requirements

  • Deep understanding of data loss prevention technologies covering data at rest, data in use, and data in motion.
  • Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Thorough experience with both Windows and Linux environments
  • Thorough hands-on experience with DLP scanning tools or endpoint protection
  • Thorough knowledge of DLP management process including remediation planning
  • Strong analytical skills, documentation skills and awareness of change management
  • Proactively pursue professional growth in the areas of technology, business knowledge, and Costco policies and platforms
  • Demonstrate a logical and structured approach to time management and task prioritization
  • Demonstrate a high level of communication skills, verbal and written
  • Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone
  • Ability to quickly understand security systems in order to identify and validate security requirements
  • Thorough understanding of security frameworks such as PCI, HIPAA, GDPR, etc.
  • Minimum of 5 years of experience in security in an enterprise environment

Job Details

Company: Costco Wholesale

Vacancy Type: Full-time

Job Location: Issaquah, Washington

Application Deadline: N/A