Information Security Senior Operations Engineer SIEM

Soar with us at Wawa.

We believe we can make life a little better every day – one smile, hoagie, or experience at a time. And there’s one secret ingredient that truly sets Wawa apart: Our Associates. At Wawa, you’ll be part of a caring team that’s dedicated to helping all of us fly high – together. We’re team players, day-brighteners, and go-getters: and we know that Wawa is a place where we can build skills to thrive and open doors to new career opportunities. We’re proud to be a part of a winning team of Associate owners who shape our success. We’re committed to helping our communities and one another at every turn, because we know that when we fly together, there’s no limit to how far we can go. Ready to be part of a team that helps you reach new heights? Join our flock and get ready to soar.

Job Description

Job Title: Information Security Senior Operations Engineer

Location: Corporate

Department: Information Technology

Job Summary : The Information Security Senior Operations Engineer designs, implements and provides highest level tier support of various endpoint and cloud technologies in the Wawa enterprise. This role will be well versed in the areas of threat detection/prevention, endpoint detection and response (EDR), host intrusion prevention, data loss prevention, application allowlisting, sandboxing, Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Secure Email Gateway (SEG), and cloud services.

Principal Duties:

• Perform deployment of cybersecurity monitoring, alerting and response content in SIEM, SOAR, SEG, cloud and/or endpoint security tools.
• Recommend, design, build and deploy new tools and platforms that help automate, streamline and scale security operations on-premises and within AWS/M365 cloud environments.
• Provide continuous monitoring, maintenance and support of new and existing security toolsets and systems to ensure resilience, reliability and scalability.
• Work with Risk and Compliance team to review security toolset policies are effective at mitigating current industry threats.
• Lead with tuning alerts in SIEM, SOAR and Endpoint tools.
• Lead with validating alerting use cases in SIEM.
• Work with Threat Intel team to ensure alerting for external threats.
• Test and pilot endpoint products for production readiness.
• Monitor security tool infrastructure for vulnerabilities and bug fixes and develop plan to remediate.
• Lead development of metrics to provide to IT and IS leadership.
• Assist IT Operations in support of log collection, agent installation and effectiveness.
• Provide up to date diagrams and support procedures for tier 1 and 2.
• Act as lead for tier escalation point for security requests and operational incidents.
• Assist in security incidents from identification through containment, eradication, recovery, and reporting.
• Create the necessary interpersonal networks among information security and IT to perform job function.
• Maintain external networks consisting of industry peers, vendors and other relevant parties to address common trends, findings, threats, and cybersecurity risks.
• Maintain foundational knowledge of Payment Card Industry (PCI) Data Security Standard compliance by keeping apprised of changes to the standard, evaluating new systems for impact and supporting annual PCI audit.
• Support audit and assessment process for IT including annual PCI audit, IT general controls review and any other audits or assessments of security and general IT controls.

Essential Functions:

• Excellent written and verbal communication skills, interpersonal and collaborative skills.
• Up-to-date knowledge of methodologies and trends in both information security and IT.
• Must be a critical thinker, with strong problem-solving skills.
• Ability to lead moderate internal Endpoint Protection related tools and technology projects with dependencies on external IT teams.
• High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
• High degree of initiative, dependability and ability to work with little supervision while being resilient to change.
• Ability to design and implement security solutions based on provided requirements.
• Maintain a working environment conducive to positive morale and teamwork.
• Ability to be on-call 24x7x365 rotation for information security incidents.
• Ability to mentor and influence others.

Basic Requirements:

• Minimum of 5 years experience in a combination of incident response, information security and IT.
• Minimum 2 years development experience with scripting languages such as Python, JavaScript and/or PowerShell preferred.
• Degree in technology-related field preferred, or equivalent work- or education-related experience.
• Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Splunk Cloud Certified admin, GIAC Cloud Security Essentials (GCLD), GIAC Certified Incident Handler (GCIH), GIAC Certified Detection Analyst (GCDA), AWS Cloud Practitioner or other similar credentials.
• Advanced knowledge of incident response standards such as NIST 800-61 Rev 3, Computer Security Incident Handling Guide, ISO/IEC 27035:2023, and information security incident management
• Advanced knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS\IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
• Expertise in writing playbooks, procedures, processes and policies.
• Significant technical experience with the full stack of security controls and tools including SIEM, SOAR, SEG, EDR, network monitoring, HIPS, cloud security tools and DLP.

Wawa will provide reasonable accommodation to complete an application upon request, consistent with applicable law. If you require an accommodation, please contact our Associate Service Center at [email protected].

Wawa, Inc. is an equal opportunity employer. Wawa maintains a work environment in which Associates are treated fairly and with respect and in which discrimination of any kind will not be tolerated. In accordance with federal, state and local laws, we recruit, hire, promote and evaluate all applicants and Associates without regard to race, color, religion, sex, age, national origin, ancestry, familial status, marital status, sexual orientation or preference, gender identity or expression, citizenship status, disability, veteran or military status, genetic information, domestic or sexual violence victim status or any other characteristic protected by applicable law. Unlawful discrimination will not be a factor in any employment decision.