Sr. Security Engineer

The Sr. Security Engineer is responsible for designing, implementing, and maintaining the organization's information security infrastructure to ensure data confidentiality, integrity, and availability. This role provides advanced security expertise to reduce enterprise risk and articulates technical security requirements. The engineer monitors the effectiveness of IT security controls, raises security awareness among employees, and ensures compliance with industry regulations such as PCI, NIST, and Sarbanes-Oxley, safeguarding our retail operations across all digital platforms. You will be responsible for designing, implementing, and maintaining security solutions to protect against cyber threats and vulnerabilities. This is a hands-on role that requires a strong technical background and a passion for cybersecurity.

Work Environment:

We are headquartered in the Madison, WI area, but this job may be performed remotely within the United States. If you happen to live near and enjoy coming into the office, we will welcome you too!

What You’ll Do: 

Security Architecture & Engineering - Lead the design, implementation, and maintenance of security solutions
across various IT domains, including:

• Deploy and manage endpoint protection and response (EDR) utilizing Microsoft Enterprise Mobility and
  Security, Defender for Enterprise, antivirus software, and other endpoint security tools
• Network Security: Assist with the security configuration and maintenance of firewalls, intrusion
  detection/prevention systems (IDS/IPS), and other security-based infrastructure.
• SIEM systems, DNS security, IPS, HIDS, behavioral analysis, FIM, and other security solutions
• Cloud Security: Support the implementation and management of security controls in cloud environments
  (Azure and GCP), including identity and access management (IAM), data loss prevention (DLP), security
  information and event management (SIEM), conditional access rules, DLP, and threat detection toolset - Security tools and technologies.

Security Operations & Monitoring: 

• Manage and maintain existing security tools such as antivirus, malware protection, vulnerability scanners, and cloud-based platforms --
• Monitor the effectiveness of IT security controls, ensuring appropriate levels of data confidentiality, integrity, and availability. --
• Utilize SIEM and behavioral analysis tools to monitor network activities for potential threats. --
• Respond to security incidents, conduct root cause analysis, and implement measures to prevent recurrence. --
• Contribute to the continuous improvement of security monitoring and incident response processes. -- Implement Data Loss Prevention (DLP) strategies and oversee backup and disaster recovery plans.

Policy Development and Compliance: 

• Lead the development and maintenance of security documentation, including policies, standards, procedures, incident response plans. 
• Raise security awareness among employees and ensure policy compliance. 
• Ensure policies align with business objectives and regulatory requirements like PCI-DSS, NIST, and Sarbanes-Oxley.

Identity and Access Management: 

• Manage IAM systems and implement least privilege access controls. 
• Utilize tooling such as Google GAM, powershell scripting, and Microsoft Entra for efficient user access management and auditing.

Threat Intelligence and Vulnerability Management: 

• Stay abreast of the latest security threats, vulnerabilities, and attack techniques by monitoring threat intelligence feeds, security advisories, and industry publications. 
• Proactively identify and assess vulnerabilities in our systems and applications through regular vulnerability scans, penetration testing, and code reviews. 
• Coordinate and collaborate with third-party security vendors to conduct penetration testing and vulnerability assessments.
• Develop and maintain comprehensive threat models to identify potential attack vectors and prioritize security controls.

Collaboration and Training:

• Work with IT and development teams to integrate security into all projects. 
• Provide guidance to IT team members and conduct security awareness training.

What We’re Looking For:

• Bachelor's Degree in Computer Science, Information Security or related Equivalent work experience will be considered.
• CISSP - Certified Information Systems Security Professional
• CISM - Certified Information Security Manager
• CEH - Certified Ethical Hacker
• GIAC - Global Information Assurance Certification
• Technical Skills: Proficient in endpoint protection and EDR solutions
• Strong knowledge of: SIEM systems, Firewall technologies, IDS/IPS systems, Cloud security platforms
• Experience with: Security orchestration, automation, and response (SOAR) tools, Web Application Firewalls (WAF), Data encryption methods
• Regulatory Knowledge: In-depth understanding of PCI DSS, NIST, and Sarbanes-Oxley compliance security requirements
• Experience with audits and ensuring regulatory compliance.
• Familiarity with compliance standards such as ISO 27001, NIST, or GDPR.
• Excellent problem-solving and analytical skills.Strong communication skills, both written and verbal.
• Ability to work independently and as part of a team.
• High level of integrity and professional ethics.
• Other Requirements: Proven experience in threat intelligence, penetration testing, and vulnerability
  management.

Duluth Headquarters Benefits and Perks

As we continue to grow Duluth Trading Company and its house of brands, the perks have perked up, too. We’ve boosted an already impressive benefits package to include: unlimited paid time-off, 12-week full-pay parental leave, paid holiday time for the important observance of Martin Luther King Jr. Day and Juneteenth, flexible schedules and more! Why’d we go all out? Because our pursuit of a better way means that when it comes to great talent, better perks are a given.

Compensation: $90,000 - $115,000/Year

Compensation is based on several factors including but not limited to education, work experience, certifications, etc.

The responsibilities outlined in this position description are a guideline for the general duties of the position and are not exhaustive of all duties inherent in the job. Duluth Trading Company is an equal opportunity employer.

Started in 1989, Duluth Trading Company exists to enable hard-working individuals to take on life with their own two hands. Folks that revel in doing it the hard way and celebrate finding a better way. We seek talented individuals who share these beliefs and are excited to further the Duluth Trading legacy with a digital-first mindset, always moving forward and always innovating.

From ingenious Duluth workwear, to comfortably capable Buck Naked Underwear, to outside-embracing AKHG, it’s all about the innovative gear and gadgets that equip customers for a more hands-on way of life.

Top-notch quality, immersive storytelling, outstanding customer service, and the shared belief that the go-all-in-and-dig-deep spirit exists with everyone are what sets Duluth Trading Co. apart. We seek talented folks looking to be part of a can-do team that’s hellbent on helping the world to gear up, get its hands dirty, and do.