We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Macy's jobs

Security Engineer - Threat Management and Response

Macy's
78,700-131,100
paid time off, paid holidays, tuition reimbursement, 401(k)
5985 State Bridge Road (Show on map)
Apr 16, 2025

Be part of an amazing story.

Macy's is more than just a store. We're a story. One that's captured the hearts and minds of America for more than 160 years. A story about innovations and traditions...about inspiring stores and irresistible products...about the excitement of the Macy's 4th of July Fireworks, and the wonder of the Thanksgiving Day Parade. We've been part of memorable moments and milestones for countless customers and colleagues. Those stories are part of what makes this such a special place to work.

Job Overview

The Security Engineer monitors and investigates normal and escalated security events to assess risk and exposure, performing additional forensic investigations to understand impact and determine mitigation strategies.

What You Will Do



  • Respond to security events or incidents, implementing countermeasures to reduce or mitigate further exposure.
  • Perform triage on events reported by various detection devices, filtering out false positives and known accepted activities.
  • Track and provide daily activity details, assisting in the creation of reports that display trends and overall statistics based on correlated security incidents and event data.
  • Create and implement standard operating procedures and processes to streamline investigations, daily monitoring, and analysis research, ensuring all analysts follow consistent guidelines.
  • Research and explain technical concepts to both technical and non-technical personnel.
  • Identify common network and website attacks, such as SQL injection, cross-site scripting, remote file inclusion, and cookie manipulation.
  • Analyze and correlate security events, implementing countermeasures to mitigate intrusion attacks.
  • Foster an environment of acceptance and respect that strengthens relationships, and ensures authentic connections with colleagues, customers, and communities.
  • In addition to the essential duties mentioned above, other duties may be assigned.


Skills You Will Need

Security Platforms & Tools: Basic understanding of multiple security platforms, including anti-virus, firewalls, proxy servers, intrusion prevention systems (IPS), logging correlation/management, operating systems, protocols, and incident response.

Incident Response & Forensics: Ability to assess, investigate, and respond to security events and incidents, performing forensic investigations to determine impact and recommend mitigation strategies.

Network & Web Security: Knowledge of network and website attacks (e.g., SQL injection, cross-site scripting, remote file inclusion, cookie manipulation) and the ability to identify, analyze, and respond to these threats.

IDS/IPS & Network Forensics: Understanding of IDS/IPS real-time monitoring, analysis, and network forensics for detecting and investigating potential security breaches.

SIEM Technologies: Experience with or basic knowledge of Security Information and Event Management (SIEM) tools for monitoring and analyzing security incidents.

EndPoint Detection: Working knowledge of EndPoint Detection Tools (Malware Protection/EDR) to detect and respond to endpoint security threats.

Intrusion Prevention Systems: Familiarity with intrusion prevention systems (IPS) and other security technologies for mitigating potential attacks.

Event Triage & Analysis: Proficiency in performing triage on security events, filtering out false positives and known accepted activities, and prioritizing security incidents for investigation.

Data Correlation & Reporting: Ability to analyze and correlate security events, track incidents, and provide statistical reports that display trends and key insights on security incidents.

Countermeasure Implementation: Strong skills in implementing effective countermeasures to reduce or mitigate security risks and exposures.

Technical Communication: Strong written and verbal communication skills for explaining technical findings and recommendations to both technical and non-technical personnel.

Documentation & Reporting: Ability to document incidents, security events, and investigative findings in clear, concise reports and create standard operating procedures to ensure consistency across teams.

Security Protocols & Technologies: General knowledge of TCP/IP, HTTP, FTP, cookies, authentication, virus scanning, web servers, SSL/encryption, and related security technologies.

Social Engineering & Attacks: Understanding of common social engineering attacks (e.g., Phishing, Smishing, Vishing) and appropriate response measures.

Incident Response Methodologies: Familiarity with security incident response methodologies, assisting with the coordination of security incidents and helping implement necessary procedures for effective resolution.

Standard Operating Procedures (SOPs): Ability to create and implement SOPs to streamline investigations, monitoring, and analysis research, ensuring effective operations and consistency within the team.

Cross-Functional Collaboration: Ability to work with other teams, such as IT, development, and operations, to ensure security alignment and contribute to incident management and resolution.

Who You Are



  • Candidates with a bachelor's degree or equivalent work experience in a related field are encouraged to apply. 1-2 years of related experience.
  • Regularly required to sit, talk, hear; use hands/fingers to touch, handle, and feel. Occasionally required to move about the workplace and reach with hands and arms. Requires close vision.
  • Able to work a flexible schedule based on department and company needs.


What We Can Offer You

Join a team where work is as rewarding as it is fun! We offer a dynamic, inclusive environment with competitive pay and benefits. Enjoy comprehensive health and wellness coverage and a 401(k) match to invest in your future. Prioritize your well-being with paid time off and eight paid holidays. Grow your career with continuous learning and leadership development. Plus, build community by joining one of our Colleague Resource Groups and make a difference through our volunteer opportunities.

Some additional benefits we offer include:



  • Merchandise discounts
  • Performance-based incentives
  • Annual merit review
  • Employee Assistance Program with mental health counseling and legal/financial advice
  • Tuition reimbursement


Access the full menu of benefits offerings here.

About Us

This is a great time to join Macy's! Whether you're helping a customer find the perfect gift, streamlining operations in one of our distribution centers, enhancing our online shopping experience, buying in-style and on-trend merchandise to outfit our customers, or designing a balloon for the Thanksgiving Day Parade, we offer unique opportunities to be part of some of the most memorable moments in people's lives.

Join us and help write the next chapter in our story - apply today!

This job description is not all-inclusive. Macy's, Inc. reserves the right to amend this job description at any time. Macy's, Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.

LEGALRE00

TECH00

Applied = 0
MORE JOBS LIKE THIS

(web-77f7f6d758-rjjks)