IT Security Administrator

Join us at WinCo Foods, where we're more than just a grocery retailer - we're a growing family of over 140 supermarkets in 10 states with over 22,000 employee owners. Our purpose is to make the lives of our customers and employee owners better by offering the lowest possible prices to feed their families. Currently, WinCo is the second largest Employee-Owned company in the United States. With more than 500 millionaire employee-owners in our Employee Stock Ownership Plan (ESOP). Our benefits, including top-tier medical plans and tuition support set us apart. In your role, you'll be instrumental in making a real impact in the communities we serve, embodying our purpose every day.

Job Summary

Responsible for administration, support, and documentation for WinCo Foods IT Security technology solutions. Actively monitor and respond to current security threats and counter-measures, recommending control improvements to prevent future threats and mitigate risks. Ensure ongoing regulatory compliance and the protection of WinCo Foodss payment systems and digital assets. Collaboration with cross functional teams such as Finance, Human Resources, Payroll and IT to cultivate WinCo Foods security culture. Consistently provides friendly, courteous customer service to internal and external customers. Perform other related work.

Typical Duties and Responsibilities:

• Maintain an atmosphere of friendly, enthusiastic customer service with an emphasis of taking care of the customer. Provide exceptional customer service with users by telephone, email, and in person.
• Work with network, server, and application teams to ensure logical and physical security of all systems and data.
• Administer and support security solutions, including malware prevention, IDS/IPS, firewall, web proxy, WAF, WCF, vulnerability scanning, and SIEM technologies.
• Work with network and server teams to ensure security patches and fixes are installed, in accordance with periodic vulnerability and risk assessments.
• Resolve helpdesk tickets, issue escalations and provide on-call support for security technologies.
• Monitor security logs and alerts to identify and respond to technology problems, anomalies, and suspicious activity.
• Respond in a timely manner to security incidents and coordinate necessary response, containment, forensics, and mitigation.
• Assist with the evaluation, testing, recommendation and implementation of new security technologies.
• Identify security gaps then research product, services, standards, and best practices to mitigate risk.
• Assist with the collection and analysis of forensic evidence and audit data.
• Assist with PCI compliance assessments and work with IT and other business units to ensure PCI compliance is maintained
• Produce periodic reports on security metrics and incidents.
• Review, implement and document security policies, procedures, and standards.
• Promote security awareness across the organization through end-user training, knowledge transfer and documentation of threats and vulnerabilities.
• Participate as subject matter expert for information security on company technology projects and for technology changes.
• Regularly review security related configurations of firewalls, routers, wireless clients, VPNs and proxy access.
• Performs other projects and duties as needed and assigned.

Requirements

Education:

• High School Diploma or equivalent

Experience:

• Minimum two (2) years in an IT or Information Security roll OR equivalent combination of education, training, and/or experience demonstrating considerable knowledge of security administration.
• Working technical knowledge of design considerations for Internet firewall, LAN, WAN, WLAN, VPN, Windows Server, Unix/Linux and OSI layer protocols, including TCP, UDP, ICMP, DNS, HTTP(s), SMTP, etc.
• Demonstrating knowledge of support and administration of PC, network, server, or security technologies.
• Working directly with enterprise security solutions such as antivirus, encryption methodologies, IPS/IDS, Web Content Filtering, authentication and authorization methodologies, and email security.
• Demonstrating Familiarity with security tools used for penetration testing, vulnerability scanning and forensics.
• Implementing security best practices related to networks, servers, and end-user devices.
• Hands-on hardware and software troubleshooting responsibility.
• Demonstrating knowledge of applicable data privacy practices and laws.
• Strong customer service experience.
• Experience working in a team-oriented, collaborative environment.
• Demonstrating strong working knowledge of Microsoft Office (Excel, Word, Outlook, etc.) software.

Ability to:

• Consistently provide world class customer service to internal and external customers.
• Demonstrate strong organizational skills, initiative and self-direction to effectively manage time and perform tasks to ensure timelines and work quality are met.
• Demonstrate strong analytical and problem solving skills with keen attention to detail.
• Learn and apply new/emerging technologies and trends.
• Communicate and present technical information clearly and effectively to management and end-users in written and verbal form.
• Be highly motivated with a passion for IT Security
• Develop and maintain cooperative working relationships with fellow employees and outside contacts, user groups, vendors and other internal and external customers.
• Maintain a high degree of confidentiality with sensitive information.
• Respond to security alerts/incidents on an on-call basis and as required which may include evenings and weekends.
• Multi-task and work in a fast-paced, multiple-priority environment.
• Respectfully challenge standard practices to identify improved practices and processes.

Preferred Education, Experience and/or Credentials:

• Two (2) years direct experience providing administration and support for security technologies.
• Experience with open-source operating systems and security related tools.
• Experience ensuring compliance of the PCI DSS framework.
• One or more industry recognized security certifications such as: CISSP, CISM, GIAC, CEH, etc.
• One or more industry recognized technology certification such as: MSCE, CCNA, CCNP, etc.
• Knowledge of security concepts, principles and industry-recognized security frameworks such as COBIT, ISO 27002, NIST SP 800, etc.

The above statements are intended to describe the general nature of work performed by the employees assigned to this job. All employees must comply with Company policies and applicable laws. The responsibilities, duties and qualifications required of personnel may vary.

As the WinCo Foods community continues to grow, our variety of perspectives and wide range of experiences are essential to our strategy and success. We are committed cultivating and celebrating an inclusive environment in which all employees are valued and respected.

Fraud alert: WinCo advises job seekers to be cautious of unsolicited job offers and to verify the authenticity of any communication claiming to be from WinCo by checking the official WinCo careers website.