This Job Vacancy has Expired!

Senior IT Security Engineer - Pen Testing Job

Posted on Apr 21, 2021 by BJ's Wholesale Club

Westborough, MA 01580
Immediate Start
Annual Salary

BJ's Wholesale Club was the first retailer to introduce the warehouse club concept in the northeastern United States. Today, we're a multibillion dollar operation with more than 200 clubs in 17states from Maine to Florida.

While our Members know us for helping them save up to 25% off grocery prices every day, our Team Members love us for providing a supportive and engaging workplace that's committed to developing great talent.

If you're a motivated and enthusiastic person who enjoys working collaboratively and is committed to providing great service for our Members, we want to hear from you. BJ's offers a fast-paced, team environment with great training opportunities and competitive salary and benefits packages to help you succeed.

The Sr IT Security Engineer will fill a fundamental role meaningful role within Threat Operations Team with the focus on Penetration Testing, Threat Hunting, and Threat Emulations to proactively identify vulnerabilities.

This Security Engineer will also work with other security teams on architecting, implementing technologies, processes, and improvements.

Responsibilities include but are not limited to:

  • Create and maintain evaluation and technical testing plans to proactively identify vulnerabilities, misconfigurations, and visibility shortfalls

  • Create set of testing capabilities that can be provided during new IT services being deployed, major changes to critical systems, and new enhancements to applications or web services

  • Strive to automate testing, documentation, and repeatability for a continuous Threat hunting program

  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services

  • Assists incident handling for the Cyber Security Incident Response Team (CSIRT). Assists with corrective action plans, audit findings and security issues, ensuring problems are resolved in an effective and timely manner.

  • Proven development of emulating known malicious actor's common toolsets

  • Participate in third party evaluation engagements or Penetration Tests

  • Emulate top Tools, Tactics, and Procedures (TTPs) of malicious actors to proactively identify potential security posture shortfalls

  • Identify controls and logging shortfalls to Influence enhancements to the firm's security program


  • 3 to 5 years in perform evaluations that include Penetration Testing, Purple Teaming, and Vulnerability Management

  • Bachelor's Information Technology, Computer Science or related field

  • Ability to provide day to day evaluations to provide critical insight for senior leadership and strategy personnel

  • 3 years experience in conducting threat hunting initiatives and evaluating controls leveraging frameworks such as MITRE ATT&CK.

  • Capable of authoring custom evaluation plans with emphasis on identifying those that can be performed on a continuous basis, and finally identify those plans that can be automated

  • Expertise in Shell Scripting and other programming languages, such as Powershell and Python

BJ's Wholesale Club is committed to a policy of equal employment opportunity for all qualified team members and applicants for employment without regard to race, religion, color, sex, sexual orientation, age, ancestry, national origin, physical and/or mental disability, genetic information, atypical cellular or blood trait, marital and/or familial status, pregnancy, gender identity and expression, military or veteran status, or any other characteristics protected by applicable law.

Nearest Major Market: Worcester

Reference: 1173428394

Set up alerts to get notified of new vacancies.