Sr Information Security Engineer

McLane, we are one of the largest Supply Chain Distribution Companies in the United States. We have been around for over 125 years and we have been known mainly as McLane Grocery and McLane Foodservice for this time. We have over 70 locations all across the United States (Domestic only, if they ask) and one of our biggest challenges is that our locations have operated very independently for the last 125 years. Meaning they operated using a lot of different systems, software, and processes and we are currently trying to change this and really unify, evolve, and begin taking advantage of our strengths to be a more agile, innovative, and unified company. We have recently rebranded into McLane Retail and McLane Restaurant to help with this overall change and we are focusing more on being a Strategic Commercial Partner, Supply Chain Leader, e-commerce Innovator, and Growth Accelerator.

The Sr. Information Security Engineer is a hybrid remote position which will require the candidate to report and work from the office three days a week. Therefore, interested candidates should be within a 50-minute radius from Temple, TX.

Under limited supervision, ensures information system security controls are functional and properly implemented. Provide consultation to management and all areas of information technology for proper controls and implementations for information security. Properly prioritize the top threats and identify the significance for management. Coordinates protection of information technology assets against unauthorized access, modification, or destruction. Responsible for determining enterprise information security standards and applying them. Leads and coordinates information technology threat research, analysis, collection, training, and reporting. Responsible for monitoring the work of other team members.

The Senior Information Security Engineer also coordinates the protection of information technology assets, safeguarding them against unauthorized access, modification, or destruction, and is tasked with determining and applying enterprise information security standards across the organization.

Additionally, this role includes responsibility for monitoring, disseminating, and reporting information collected from specialized security platforms such as honeypots (e.g., Attivo) and IoT/OT security solutions (e.g., Armis). The engineer ensures that threat intelligence from these sources is thoroughly analyzed and shared with relevant stakeholders to enhance the organization's overall security posture.

BENEFITS:

* Day 1 Benefits available: medical, dental, and vision insurance, FSA/HSA and company-paid life insurance.

* Get paid early. Get paid fast.

* 401(k) with annual company match.

* Paid holidays, vacation time, college tuition reimbursement, and more!

ESSENTIAL JOB FUNCTIONS / PRINCIPAL ACCOUNTABILITIES:
Other duties may be assigned. A teammate in this position must have the ability to:

* Participate in the design and implementation of security controls throughout the information technology infrastructure, ensuring that security considerations are embedded in all areas of technology operations.

* Collaborate with various teams across the IT organization-such as help desk, distribution center operators, LAN/WAN administrators, voice and system administrators, and application developers-to ensure consistent application of security best practices.

* Oversee the deployment, configuration, and ongoing management of deception technologies, such as Attivo Networks. This includes setting up decoy systems, traps, and lures to identify unauthorized activity across the network and to detect potential intrusions.

* Continuously monitor alerts and reports generated by deception systems to detect lateral movement, unauthorized access attempts, and insider threats. Collaborate with the incident response team to analyze attack patterns and develop mitigation strategies based on intelligence gathered from these systems.

* Monitor the behavior of IoT (Internet of Things) and OT (Operational Technology) devices for anomalies, threats, or unusual activity. Respond promptly to any deviations from normal behavior, investigating and addressing security concerns as needed. Respond to real-time alerts, coordinating with the incident response team to contain and mitigate threats targeting IoT and OT devices. Ensure timely remediation and documentation of incidents.

* Provide expert judgment and recommendations to management regarding information security risks and best practices across all areas of IT.

* Enable leadership to make informed decisions about risks and threats related to technology systems and their impact on business operations.

* Regularly review and analyze system access audit logs to ensure proper authorization controls are in place and detect any suspicious patterns that may indicate intrusion attempts.

* Investigate user access issues and provide recommendations for enhancing the design and implementation of security protocols.

* Maintain comprehensive documentation of security processes and procedures for use by other members of the security team, ensuring consistency and clarity in the organization's security practices.

* Have a basic understanding of various operating systems and database environments, including Z/OS, I/Series, Unix, and Windows, to support logical security and contribute to system-level security decisions.

* Participate in on-call rotations for security support during regular working hours and after-hours as needed.

* Assist in evaluating candidates for security team positions and other roles within the information systems department.

MINIMUM SKILLS AND QUALIFICATION REQUIREMENTS:

* A teammate in this position must:

* Bachelor's degree in Information Systems or related field.

* 5 years of experience working with Security Administration across Mainframe, Unix, and Windows environments.

* 5 years of experience working with Deception technologies.

* 5 years of experience working with IoT and OT technologies

* CompTIA Security + or Equivalent Certification a MUST

* CompTIA CySA desired

* Excellent interpersonal and communication skills.

WORKING CONDITIONS:

• Office environment

Candidates may be subject to a background check and drug screen, in accordance with applicable laws.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.