Security Engineers work with cross-functional teams to design, implement, and support solutions for Domino’s Domestic and International business units, partners and customers. In addition, Security Engineers perform proof-of-concept tests, technical requirements gathering, documentation, diagrams, implementation activities, and maintenance of the Dominos ecosystem.
The role of the security engineer demands business insight; technical acuity; and the ability to think, communicate and write at various levels of abstraction.
- Responsible for setting up and maintaining a system or specific components of a system (installation, configuration, and updating hardware and software).
- Develop and document models, plans, diagrams, illustrations, and procedures in support of engineering activities and security related business initiatives.
- Advises business managers and customers of security requirements, configurations, and limitations.
- Assist with ongoing projects related to Information Security initiatives.
- Work with Information Security leadership, other Domino’s Technology teams and/or other business units to design, engineer, recommend, plan and execute technical projects to meet the needs of the business.
- Ensure that new technologies are reviewed and implemented, standards and security requirements are met, and interoperability needs are addressed.
- Assist business and support functions in evaluating tools and technology that support the enterprise's risk management approach.
- Develop, update, and/or maintain system documentation relative to best practices and/or standard operating procedures (SOPs).
- Integrate new systems into existing network architecture.
- Ability to design capabilities to find solutions to less common and more complex system problems.
- Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection/prevention, web server security, SAML/SSO platforms, PAM and MFA solutions.
- Deep knowledge of TCP/IP and related data network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, HTTP, SNMP etc., and advanced features like IPSEC and IPv6 related protocols and accompanying protocol analysis tools (Wireshark, TCPDump, etc)
- Knowledge of controls related to the use, processing, storage, and transmission of data.
- Practical understanding with web application firewalls, network access control, database security, content filtering, and vulnerability management
- An understanding of DDoS Mitigation strategies, Data Loss Prevention and SIEM (Security Information Event Management) solutions
- Strong knowledge of common vulnerabilities and exploitation techniques
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and recommend the most appropriate path forward
- Develop and enhance Continuous Integration/Continuous Delivery/Deployment and automated infrastructure provisioning DevOps fixtures including build processes
- Familiarity with Unix/Linux and container platforms (Docker, PKS, etc.)
- Advanced use of python, ruby, bash scripting in a DevOps setting
- Working knowledge of layered security architectures and designs
- A bachelor's or master's degree in computer science, information systems or other related field; or equivalent work experience.
- 5 -8 years of combined IT and security work experience, with 5+ years of experience in information security, particularly in an engineering role.
- Certified Information Systems Security Professional (CISSP) or Cisco Certified Internetwork Expert (CCIE Security) desired.