Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in fourteen countries. Despite our size and explosive international expansion, we continue to provide a family, employee centric atmosphere in which our employees thrive and succeed. As proof, Costco ranks seventh in Forbes “World’s Best Employers”.

This is an environment unlike anything in the high-tech world and the secret of Costco’s success is its culture. The value Costco puts on its employees is well documented in articles from a variety of publishers including Bloomberg and Forbes. Our employees and our members come FIRST. Costco is well known for its generosity and community service and has won many awards for its philanthropy. The company joins with its employees to take an active role in volunteering by sponsoring many opportunities to help others.

Come join the Costco Wholesale IT family. Costco IT is a dynamic, fast-paced environment, working through exciting transformation efforts. We are building the next generation retail environment where you will be surrounded by dedicated and highly professional employees.

The role of each Cybersecurity Infrastructure team member is to support the overarching values and business goals of Costco, including meeting legal, ethical and regulatory obligations; protecting member privacy; and maintaining a security technology environment for our operations.

The Cybersecurity Infrastructure Analyst provides consultative services; works with suppliers for product considerations and recommendations; performs monitoring and auditing of information system activities; creates and maintains documentation related to policies, standards, and procedures; and mentors other team members. The analyst will understand systems management knowledge with security emphasis in following areas: IPL process, job management, job queues, job scheduler, job descriptions, output queues, job scheduler, job descriptions, output queues, system values, job logs. The analyst has knowledge of IBM security best practices, IBM i (iSeries) OS, IT audit, policies, vulnerability risk remediation, and regulatory requirements.

If you want to be a part of one of the worldwide BEST companies “to work for”, simply apply and let your career be reimagined.

ROLE

Provides security and technical expertise to support the development of security objects to satisfy business requirements.

Analyzes and administers security policies to control physical and virtual system access.

Identifies and investigates security issues and develops security solutions that address compliance requirements that can/ do impact security.

Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance and support of the security standards and procedures.

Assesses business role requirements, reviews authorization roles, and supports authorizations.

Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.

Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.

Implements best practice when applying knowledge of information systems security standards/practices (e.g.access control and system hardening, system audit and log file monitoring, security policies, and incident handling).

Designs and coordinates activities/engagements with other departments (loss prevention, legal, networking, etc.).

Identifies security gaps that expose Costco to potential exploit and develop short and long term prioritized remediation to address those gaps.

Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal/external data infiltrations.

Determines strategy and protocol for network behavior, analysis techniques, and tool implementation.

Identifies and resolves problems often anticipating issues before they occur or before they grow; develops and evaluates options; and implements solutions that support the business.

Provides subject matter expertise in systems security policies, standards/practices, protocols, and technologies.

Configures, deploys, maintains, and supports security tools.

Protects confidentiality, integrity, and availability of information from being disclosed to unauthorized parties.

Creates dashboards, configures alerts, implements and supports security software platforms, and monitors tools/apps.

Identifies opportunities for streamlining, and increasing effectiveness through continuous process improvement.

Implements practices, processes, and procedures consistent with Costco's information security policy and IT standards.

Develops and documents security events and incident handling procedures into Playbooks.

Ensures that incident documentation is comprehensive, accurate, and complete.

Triages, prioritizes, investigates, and coordinates security events and incident handling activities.

Works analytically to solve both tactical and strategic problems.

Works with IBM Lab Services, Costco Compliance, Internal Audit, and Business teams to identify and analyze risks.

Works with stakeholders to provide security solutions that support their business requirements.

Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance with and in support of security standards and procedures in place.

Works with the Incident Response team to remediate discovered security incidents by informing appropriate custodians, determining root cause, and actions (if necessary) required to re-establish respective information system security.

Understands compliance requirements that may impact security and works with business areas and project teams to develop security solutions that address these requirements.

Coordinates activities or engagements with Loss Prevention, Legal, and law enforcement as required.

Participates in team activities and team planning in regards to improving team skills, awareness, and quality of work.

Up to date in the areas of: technology, business knowledge, and Costco policies and platforms.

Maintains current knowledge of industry trends and standards.

Ability to travel internationally as required.

REQUIRED

Security, and Systems Administration knowledge and experience.

Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).

High level of communication skills, verbal and written, with the ability to clearly communicate Cybersecurity Infrastructure matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.

Demonstrate a logical and structured approach to time management and task prioritization.

Knowledge of IBM security best practices, IBM i (iSeries) OS, IT audit, policies, vulnerability risk remediation, and regulatory requirements.

Systems management knowledge with security emphasis in following areas: IPL process, job management, job queues, job scheduler, job descriptions, output queues, job scheduler, job descriptions, output queues, system values, job logs.

Knowledgeable with multi factor authentication and authentication processes and protocols. TACACS+, Radius, LDAP, AD, authentication services, as well as PKI and token/certificate based authentication.

Working knowledge of IBM i Privileged Elevation and Antivirus tools.

Strong analytical skills.

Project Management skills.

Ability to handle highly confidential information in a strictly professional manner.

Scheduling flexibility to meet the needs of the business including nights, weekends, and holidays.

Experience with networking technologies, such as firewalls, routers, load balancers, and proxies.

Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).

Demonstrated experience of “hands on” security knowledge of one or more of the following platforms: Windows, Linux, UNIX, AIX, or iSeries.

Experience with Threat Modeling, security assessments, and evaluating mitigating controls.

Experience with network-based detective controls like IDS, IPS, and various SIEMs.

Working knowledge of networking protocols and web technologies.

Ability to interpret information security data and processes to identify potential compliance issues.

Ability to quickly understand complicated data flows in order to identify and validate security requirements.

Must be a team player and willing to establish a strong positive working relationship with all areas of the business.

Ability to work effectively, independent of assistance or supervision.

Innovative, creative, and extremely responsive with a strong sense of urgency.

Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers using appropriate language, examples, and tone.

Willing to share knowledge and assist others in understanding technical and business topics.

Recommended

One or more IBM i (iSeries) System Administrator certifications.

One or more professional audit or security certifications such as: CompTia Security+, CISA, GSEC, or CISSP (or equivalent experience).

Experience with one or more scripting languages.

General knowledge of enterprise-level applications including ERP.

General networking knowledge.

Experience with tools such as: NMAp, NetCat and Enum, DNS, NTP and Citrix, TACACS, IDS, IPS and various SIEMS.

Working knowledge of protocols and technologies such as TCP, UDP, SSL, FTP, SMTP, NetBIOS, DHCP, HTML, CSS, JavaScript and WML.

Experience with performing vulnerability scans and assessments, as well as computer forensics.

Required Documents

• Cover Letter

• Resume

California applicants, please click here to review the Costco Applicant Privacy Notice.

Pay Ranges:

Level 1 - $70,000 - $105,000

Level 2 - $95,000 - $130,000,

Level 3 - $125,000 - $165,000

Level 4 - $150,000 - $195,000

We offer a comprehensive package of benefits including paid time off, health benefits - medical/dental/vision/hearing aid/pharmacy/behavioral health/employee assistance, health care reimbursement account, dependent care assistance plan, short-term disability and long-term disability insurance, AD&D insurance, life insurance, 401(k), stock purchase plan to eligible employees.

Costco is committed to a diverse and inclusive workplace. Costco is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or any other legally protected status. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to IT-Recruiting@costco.com

If hired, you will be required to provide proof of authorization to work in the United States.