Firm Name: Costco

Numbers of Jobs: IT Security Analyst

Education Need: Graduate

Job Hours: 8

Payment: $20-$30/Hours

What's Job City: Seattle

Job Details:

• Since this environment is unique to the high-tech world, Costco's culture is the secret to its success. The value that Costco places on its staff is well-documented in articles from a variety of publishers, including Bloomberg and Forbes. Our team and employees are given priority one. With numerous awards to its credit, Costco is well known for its generosity and dedication to the local community. The company supports numerous opportunities for charitable giving, which motivates its staff to actively volunteer. The United Way and Children's Miracle Network Hospitals received more than 58 million dollars from Costco in 2021.
•  Costco IT, the third-largest retailer in the world with wholesale operations in 14 nations, is in charge of guiding Costco Wholesale's technological development. Despite our size and quick international growth, we continue to promote a family-oriented environment where our employees can succeed. The fact that Forbes ranks Costco as the seventh best employer in the world is proof of this.
•  The Security Analyst is in charge of supporting Costco Travel's overarching values and business goals in a number of ways, such as adhering to legal, ethical, and regulatory requirements; protecting member privacy; and maintaining a secure technological environment. Security analysts design and implement security defenses, countermeasures, and controls to thwart intrusions into corporate data, internal and external attacks, and compromises of systems and accounts. Security analysts look into attempted and successful attempts to compromise system security, design countermeasures, put in place and keep up physical, technical, and administrative security controls, and inform management of the negative effects on the business' operations. The security analyst provides advisory services, works with vendors to review and suggest products, monitors and audits information system activity, creates and maintains documentation for policies, standards, and procedures, evaluates security risks, and recommends security controls.
•  If you want to work for one of the BEST companies in the world, all you have to do is apply and let your career be reimagined. ".

 ROLE.

•  offers security and technical expertise to support the development of security objects that satisfy business requirements.
•  manages access to physical and virtual systems by carrying out analysis and administration of security policies.
•  the creation of security solutions that take compliance requirements into account, which may or may not have an impact on security.
•  discovers, creates, and puts into practice security incident detection strategies to boost adherence and support for security standards and procedures.
•  evaluates business role requirements, evaluates authorization roles, and supports authorizations.
•  displays a diverse skill set, has testing permissions for a number of environments, and organizes testing with business/technical users.
•  checks system settings to ensure the safety of information system assets and protects information systems from unauthorized access or destruction.
•  uses best practices when establishing information system security standards and procedures (e. Access control, system hardening, system audit, log file monitoring, security policies, and incident response).
•  makes plans for and organizes interactions with other departments (loss prevention, legal, networking, etc.). ). ).
•  identifies security holes that Costco could exploit and prioritizes short- and long-term remediation to plug those holes.
•  develops and puts into action security measures to prevent the leakage of internal or external data.
•  selects the data analysis method, network behavior implementation method, and tools to be used.
•  identifies and fixes problems, frequently spotting issues before they happen or before they get worse; develops and evaluates alternatives; and proposes solutions that benefit the company.
•  provides expertise on the protocols, standards, and technologies related to system security.
•  configures, deploys, supports, and maintains security tools.
•  prevents the disclosure of information's accessibility, confidentiality, and integrity to unauthorized parties.
•  creates dashboards, configures alerts, deploys and maintains security software platforms, and monitors tools and applications.
•  identifies areas for streamlining, and through continuous process improvement, increases effectiveness.
•  adopts practices, processes, and procedures in accordance with Costco's information security and IT policies.
•  develops and stores in Playbooks incident handling policies and security event documentation.
•  ensures that incident documentation is complete, accurate, and thorough.
•  Investigates, classifies, and prioritizes security event and incident handling activities.

 REQUIRED.

•  4+ years of experience working in the information security industry.
•  Demonstrate your ability to communicate information security issues (risks, threats, vulnerabilities, etc.) with clarity. ). ) to both technical and non-technical audiences (like executives, auditors, and end users).
•  the ability to decipher data and processes related to information security to identify potential compliance issues.
•  the ability to quickly comprehend security systems while recognizing and verifying security requirements.
•  a working knowledge of and understanding of PCI, GDPR, SOX, CCPA, and other legal requirements.
•  working knowledge of how to use software like Nessus to conduct assessments and scans of vulnerabilities.
•  Process and technology expertise in EDR (Endpoint Detection and Response).
•  Show that you have a firm grasp of Windows, Unix/Linux, networking, telephony, and wireless security.
•  At least three of the following technologies, such as firewalls, content filtering, anti-virus, Web application firewalls, IDS/IPS systems, security information and event correlations systems, DLP products, endpoint security technologies, encryption technologies, penetration testing tools, and secure code application development and testing tools, should be managed and used by the candidate.
•  a thorough working knowledge of network topologies and protocols, such as TCP, UDP, TLS, SFTP, SMTP, NTP, NetBIOS, and DHCP.
•  working familiarity with information system security policies and practices (e. g. Access control, hardening of the system, system audit, log file monitoring, security policies, and incident response are some examples.
•  Self-motivation and the ability to collaborate with others are necessary for putting changes into action.
•  The capability to work independently or with little to no supervision, as well as the ability to prioritize and manage multiple projects and tasks.
•  capable of providing support when required for off-duty work, such as evening, weekend, and holiday shifts.
•  Must be a team player who is willing to pitch in when needed.

 Strongly advised.

•  a bachelor's degree in computer science or a closely related field, or the equivalent in work experience.
•  The CISSP, GIAC, SANS, or equivalent credentials are desired for security.
•  working knowledge of business network security testing.
•  understanding of tools like Nmap, NetCat, and Enum.
•  practical experience with file integrity management applications.
•  Understanding of how to use packet sniffers and analyze captured packets to support the investigation and analysis of security events.
•  understanding of the most recent security and maintenance techniques for web servers (Apache, IIS, Java, etc. ). ).
•  OWASP, secure coding, and web application security expertise.
•  excellent analytical and problem-solving skills.
•  demonstrated expertise in ethical hacking techniques, team management, and penetration testing tools.
•  forensic tool and collection performance proficiency.
•  knowledge of creating standards and policies based on the best techniques available.
•  knowledge of cloud security procedures and containerization.
•  understanding of risk management and evaluations of the dangers connected to security or incident events.

 Required Documents.

•  Study of a case.
•  resuming your work.

 Please click here to read the Costco Applicant Privacy Notice if you are an applicant from California.

 Slopes of Pay:.

•  Level 2 - $95,000 - $125,000.
•  Level 3 - $1515000 - $145,000.