Job Details

ID #44741391
State Florida
City Lakeland
Job type Permanent
Salary USD TBD TBD
Source Publix
Showed 2022-08-10
Date 2022-08-09
Deadline 2022-10-08
Category Et cetera
Create resume

Principal IT Security Analyst Penetration Testing-Rem

Florida, Lakeland, 33801 Lakeland USA

Vacancy expired!

Publix Super Markets, Inc. is the largest privately-owned food retailer in the nation with more than 1,200 stores and more than 200,000 associates throughout the Southeast. We are associate-owned, proud of our family atmosphere, and consistently named as one of the best companies to work for in America. We are largely debt-free and renowned for our financial performance as well as our premier customer service. Publixs Information Services (I/S) department is located in Lakeland, Florida and Alpharetta, Georgia and employs over 1000 associates. I/S provides the information technology required for all Publix business units including retail stores and all office and warehouse environments. The Publix I/S mission is to maximize the value of information technology to Publix associates and customers. Publix is able to offer virtual/remote employment for this position in the following states: FL, GA, AL, TN, SC, NC, VA The job responsibilities for this position are:

  • leading moderate to large size application, system, and network penetrationteststo verify that security defenses, standards, and best practices are properly and effectively implemented.
  • preparing and documenting, and delivering the results of scans and teststo associates responsible for remediation
  • planning,documenting,and tracking remediation activities
  • responsible for providing security consultation to I/S and other Publix business areas typically on SOX, HIPAA, and PCI regulationsand highly sensitive systems and architectures
  • performing penetration tests on new IT solutionsagainstsecurity best practices to determine gaps and suggest options for remediation
  • responsible for development and documentation of requirements and design for moderate to large security solution components, including rules, dashboards, as well as scripts to facilitate penetration testing activities
  • responsible for providing leadership and work prioritization for securitytabletopand purple teamingprojects
  • responsible for maintaining personal business and technical knowledge to train others in IS
  • responsible for planning activities within the Security Assurance Penetration Team
  • must have a Bachelors Degree in Management Information Systems, Computer Science, or other technical/analytical disciplines, or equivalent experience,
  • must have at least four years of experience in IT security in one or more of the following areas, enterprise network & host penetration assessments, network & host penetration tools and methods, remediation management
  • Six or more years of experience in one or more of the following: Active Directory Penetration Testing, Red Team Operations, Purple Team assessments, Mobile and/or Web Application assessments, Phishing.
  • Six or more years of experience in one or more of the following: Kali Linux, Cobalt Strike, Metasploit, Bloodhound, BurpSuite, Nessus.
  • Experience in AWS or Azure penetration testing.
  • Experience in MITRE ATT&CK Tactics and Techniques such as performing defense evasion techniques against modern AV/EDR solutions
  • Experience in Command and Control (C2) infrastructure setup such as creating/registering domains, setting up redirectors, etc.
  • Continued education including additional or advanced degrees in analytical, technical, or business discipline,
  • six or more years of experience leading and performing vulnerability/remediation management, vulnerability assessments or penetration testing of mobile, web, and in-house systems and applications in a large distributed environment,
  • six or more years of experience automating dashboards and reports to collect, organize, analyze, and distribute enterprise scanning tools data,
  • strong interpersonal and leadership skills including experience in organizing, planning, and executing large scale, cross-functional efforts,
  • strong understanding of Windows, Linux/Unix, and Cloud architectures including secure configuration of these operating systems and environments,
  • strong understanding of networking infrastructure components and protocols including wireless, firewalls, and/or network-based intrusion detection/prevention,
  • a strong understanding of ethical hacking methodologies, frameworks, and industry resources, e.g. OWASP, OSSTMM, NIST, SANS/CWE, to maintain, improve, and benchmark the Penetration Testing Program is desired
  • One or more of the following certifications: GIAC Penetration Tester (GPEN), Offensive Security Certified Professional (OSCP), Certified Red Team Operator (CRTO), Offensive Security Experienced Penetration Tester (OSEP)
  • Employee stock ownership plan that contributes Publix stock to associates each year at no cost
  • An opportunity to purchase additional shares of our privately-held stock
  • 401(k) retirement savings plan
  • Group health plan (with prescription benefits)
  • Group dental plan
  • Group vision plan
  • Sick pay
  • Paid Parental Leave
  • Long-term disability insurance
  • Company-paid life insurance (with accidental death & dismemberment benefits)
  • Tuition reimbursement
  • Vacation pay
  • Free hot lunches (buffet-style) at facilities with a cafeteria
  • Paycheck direct deposit
  • Credit union
  • Access to over 50 discount offers including discounts on computer, vehicle and wireless purchases
  • 6 paid holidays (associates can exchange the following holidays with their managers approval: New Years Day, Memorial Day, Fourth of July, and Labor Day).

Vacancy expired!

Subscribe Report job