Senior IT Security Engineer - SailPoint

The TJX Companies, Inc. - Marlborough, MA

Success is always in style at TJX, a Fortune 100 company and the leading off-price apparel and home fashion retailer in the U.S. and worldwide. Our retail chains include TJ Maxx, Marshalls, HomeGoods, Sierra, Winners and Homesense

Our Vision for this Role

Within Security Operations, our Security Engineering team is responsible for our security tools suite. As a security analyst on this team you will focus on maintaining, improving and optimizing our tools. You will scope and deliver business and risk metrics relating to service performance, identify/recommend/implement process and technology improvements and perform security reviews.

The Skills and Experience that will Make You Successful

6+ years of IT experience with 5+ years of direct Identity and Access Management experience.
Must have experience in one or more Identity Management disciplines, such as: Identity Lifecycle Management, Authentication, Authorization, Federation, Access Management, Access recertification, Role and Entitlement models, Directory technologies etc.
Must have solid understanding of applications and system IAM architectures and best practices
Deliver technical security configuration expertise in implementing enterprise-wide IAM ecosystem
Act as trusted security professional with ability to provide strategic and technical direction in leading activities in computer security concepts including Identity & Access Management, Network Security, Application Security, Incident Management, and Risk & Compliance
Experience understanding operational and security requirements and translation of those requirements into technical IAM capabilities. We’ve a particular interest in candidates with hands-on experience with IBM Security Identity and Access Management Suite, Sailpoint IIQ, Cyber Ark
Ability to mentor and coach IT Security professionals
Ability to effectively communicate and advocate key security requirements and control implementation to development team
Must have development skills and a solid understanding of secure SDLC
Knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the company and its objectives
Familiar with IT Regulations, PCI/Sarbanes-Oxley/Mass Privacy laws
Bachelor's Degree or equivalent experience
Relevant security industry certifications preferred including but not limited to CISSP, SSCP, and CISM etc.
Must have expert level understanding of computer security concepts including Identity & Access Mgmt, Network Security, Application Security, Incident Management, or Risk & Compliance
Must have a moderate understanding of network concepts and protocols (such as DNS, SMTP, FTP, etc.)
Expert knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the company and its objectives
Excellent aptitude for IT Security
Familiar with IT Regulations, PCI / Sarbanes-Oxley / MA privacy laws
Solid working knowledge with MS Office
Expert knowledge of tools and products used in day to day performance (e.g. SourceFire, ITIM, ArcSight)

Major Duties/Responsibilities

Performs all procedures of basic to high complexity necessary to ensure the core objectives of IT Security. Reviews and maintains security operations for large organizational units and/or complex enterprise-wide projects
Serves as technical lead on functional teams or projects and serves as a best practice / quality resource
Performs basic to complex security reviews to ensure compliance with internal security standards and regulatory requirements
Interfaces with user community to understand their security needs. May implement procedures to meet user needs
Acts as a subject matter expert for at least one area within IT Security (ITIM, SOC, etc.) to ensure that the user community understands and adheres to necessary procedures to maintain security
Conducts accurate evaluations of the level of security required for highly complex systems. Provides management with status reports
Performs root cause analysis of moderately complex to highly complex security issues and determines the best course of action to remedy the problem
Performs other duties as required
Investigates and resolves security incidents as needed
Ensures that IT Security architecture / designs, plans, controls, processes, standards, policies, and procedures are aligned with IT standards and overall IT Security objectives
Identifies security risks and exposures, determines the causes of security violations, designs and implements procedures to prevent and mitigate future incidents
Able to create and execute short to medium term strategies
Proactively Determines if an event needs to be escalated to management or outside of the unit
May recommend new policies and procedures to management and has wide latitude to decide on the best course of action for new procedures
Recommends course of action for low to moderately complex situations
May provide guidance and training to more junior associates
May provide budgetary recommendations for future projects / security tools / applications

Minimum Experience and Education

5 years in IT Security environment or equivalent
Bachelor's Degree or equivalent experience
Relevant industry certification preferred
At TJX, we are proud that, for 40 years, we have been providing amazing value to our customers, but the merchandise we sell is just part of our story. We believe our Associates bring our business to life, and we aim to support you by making TJX a terrific place to work. We are committed to leveraging our differences, and believe that the diverse skills, experiences and background that you bring into the organization will help us continue to succeed.

Discover Different. Apply today!

In addition to our open door policy and supportive work environment, we also strive to provide a competitive salary and benefits package. TJX considers all applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, gender identity and expression, marital or military status, or based on any individual's status in any group or class protected by applicable federal, state, or local law. TJX also provides reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law.

Posting Notes: Marlborough || MA || TJX Corporate