
Description
Company Overview:
The Security Engineer plays a critical role in protecting Dollar General's digital assets, including retail systems and customer data. This hands-on role is responsible for implementing, managing, and optimizing security tools and technologies such as Palo Alto firewalls, CyberArk, and Microsoft Defender. The Security Engineer also partners closely with development teams to embed security into DevSecOps practices. Success in this role requires strong technical expertise, problem-solving ability, and adaptability in a fast-paced environment.
Job Details:Primary Duties & Responsibilities: What major responsibilities does this position have and what percentage of time is spent on completing them? (Typically 5 – 7)
- Security Tool Implementation and Management
Deploy, configure, and maintain a variety of security platforms, including Palo Alto firewalls, Google Cloud (GCP) native security functions, Antivirus technologies (e.g., Microsoft Defender for Endpoint, Palo Alto Cortex XDR) DLP technologies (e.g., Digital Guardian DLP, Microsoft DLP), and Splunk in support of Dollar General's overall security posture. - Security Monitoring & Incident Response
Monitor alerts from tools such as ExtraHop RevealX, Sysdig Secure, Cortex XDR, and Digital Guardian. Investigate suspicious activity and respond to incidents using a pragmatic, risk-based approach. - Vulnerability & Risk Management
Conduct vulnerability assessments using available intelligence and internal tools like Splunk and HCL BigFix. Perform risk analysis and support remediation efforts across internal systems and third-party platforms. - Cloud Security Engineering & DevSecOps Integration
Support secure configurations and access controls in cloud environments including Google Cloud Platform and Microsoft Azure. Utilize tools like Cloud Armor, Sysdig Secure, and the firewalls as well as cross-team collaboration to ensure approved design patterns are implemented. - DNS Security & Remote Access Support
Manage DNS security with tools such as Akamai and Palo Alto Networks. Support secure remote access solutions and VPN technologies. - Documentation & Continuous Learning
Contribute to the development of security documentation, standards, and policies with a focus on clarity and practicality. Stay informed with emerging threats, tools, and technologies, and industry trends.
Required Knowledge, Skills and Abilities (KSAs): What KSAs are required to perform this job?
- In-depth understanding of network, application, and endpoint security principles.
- Familiarity with cloud security best practices in Google GCP and Microsoft Azure, including container security solutions like Sysdig Secure.
- Working knowledge of PKI, VPNs, TCP/IP, IPSEC tunnels, and DNS security solutions.
- Basic scripting abilities in Python, Bash, or PowerShell and familiarity with Terraform for infrastructure automation.
- Strong critical thinking, troubleshooting, and pragmatic decision-making skills.
- Ability to clearly communicate technical information to both technical and non-technical stakeholders.
- Willingness to adapt to changing priorities and occasional availability for non-standard hours or travel.
Work Experience &/or Education: What are the minimum education and/or experience requirements necessary to perform this job?
- Bachelor's degree in Computer Science, Information Security, or a related discipline; or equivalent combination of education and relevant work experience.
- 3-5 years of experience in information security, networking, or related IT fields
- Practical hands-on experience with at least three of the following:
o Palo Alto Networks firewalls and Panorama
o Akamai App & API Protector
o F5 Application Security Manager (ASM)
o Sysdig Secure (or equivalent)
o Google Cloud Platform (GCP) native security tools
o Microsoft Azure native security tools
o Microsoft Defender
o CyberArk Privileged Access
o HCL BigFix
o Splunk Enterprise and Enterprise Security
o Data security methodologies
o DLP technologies - Demonstrated experience in implementing and managing security technologies across on-prem and cloud environments.
- Preferred certifications: CompTIA Security+, CEH (Certified Ethical Hacker), PCNSE (Palo Alto Networks Certified Network Security Engineer), or ISC2 CC.
Apply on company website