Responsibilities
H-E-B is a leading innovator in technology, and recently we've been investing in our customers' digital experience. Our Digital Technology Partners collaborate to design, construct, implement, and support technology solutions, using the best available technologies to deliver modern engagement, reliability, and scalability to meet customer needs.As an Application Security Engineer II, you will collaborate with internal teams and external vendors, gathering requirements and crafting innovative security solutions. You'll create and test specifications to implement documented security measures effectively.Once you're eligible, you'll become an Owner in the company, so we're looking for commitment, hard work, and focus on quality and Customer service. 'Partner-owned' means our most important resources--People--drive the innovation, growth, and success that make H-E-B The Greatest Omnichannel Retailing Company.Do you have a:HEART FOR PEOPLE... a strong collaborative mindset?HEAD FOR BUSINESS... an ownership mentality? desire to deliver timely, high-quality software?PASSION FOR RESULTS... drive for secure, compliant engineering?We are looking for:- 2+ years of experience developing / supporting enterprise system and security solutions.What is the work?Design & Development / Information Technology:- Masters CI / CD pipelines; creates patterns of automation, infrastructure deployment, maintenance, monitoring, security, and compliance using industry and enterprise best practices.- Works with Digital Tech teams to design / develop / analyze / implement systems software, apps.- Builds security standards for teams; integrates platform, including container and vulnerability management tools within CI / CD pipelines.- Collaborates with project teams on testing / evaluation of new solutions, tests cloud configurations and infrastructure for vulnerabilities.- Ensures cloud infrastructure complies with security and compliance control requirements.- Designs / develops / documents / automates / implements security infrastructure in code.- Creates concise documentation to formalize security processes and guardrails for other Engineers.- Supports development teams to apply secure automation patterns / encourage secure development lifecycle (SSDLC) best practices.What is your background?- A related degree or comparable formal training, certification, or work experience- 2+ years of experience developing / supporting system and security solutions in medium to large size enterprises.- Experience building / integrating systems in cloud and on-premises environments using enterprise source code management tools and automation tooling.- One or more professional security certifications (e.g., CISSP, CISA, CEH, GIAC; cloud certifications from AWS, Azure, or GCP)Do you have what it takes to be an H-E-B Application Security Engineer II?- Working understanding of web applications, web servers, application firewalls, frameworks, and protocols related to web application development, deployment, and operation in the cloud.- Familiarity with log analysis, application performance monitoring, API security, container security, AWS cloud security, Agile and other project management methodologies, PCI DSS, HIPAA, and related regulations- Strong skills in AWS, Azure, or Google Cloud Platform; Terraform, CloudFormation, Pullum, or Ansible; Python, Golang, PowerShell, Perl, or Shell script.- Strong skills in Linux-based and Windows Server operating systems management, secrets management, and vaulting technologies- Strong skills using APIs to optimize tasks / achieve automation.- Strong skills in cloud resources: virtual networking, access controls (security groups and ACLs), service endpoints, application / network load balancing, API gateways, service principals, functions / serverless, storage buckets, containers, block storage, file shares- Interpersonal skills- Organization skills- Ability to work well under pressureCan you...- Function in a fast-paced, retail, office environment- Work extended hours / sit for extended periods11-2024
