Location: Hershey, PA

This position can sit remotely.

 

 

Summary: 

As a Security Engineer for The Hershey Company, you will reduce cyber risk to the organization by defining, designing, and building technical security controls.

 

Responsibilities:

Work with leadership, customers, and stakeholders to develop technical security controls based on a changing threat landscape and new digital capabilities.​ Design security solutions that mitigate or reduce cyber risk that is identified via risk assessments and incident response.​ Ideate, initiate, plan, execute, and close security projects in coordination with project management and project resources.​ Implement new security solutions that are prioritized for their effectiveness at reducing cyber risk.​ Implement continuous control monitoring to automate identification and remediation of control deficiencies​ Transition security solutions to operational teams for sustained service delivery.​ Research, assess, and continuously improve security solutions to ensure they are maturing and adapting according to the evolving threat landscape and evolving business requirements.

 

 

Qualifications: 

 

Technical expertise in 2+ security domains across endpoint security, network security, email and web security, data security, identity security, cloud, containers, Operational Technology (OT), vulnerability and configuration management, threat intelligence management, security automation, and security incident and event management (SIEM).​ Full-stack knowledge of IT infrastructure including applications, databases, operating systems, hypervisors, IP networks, storage networks, and backup media.​ Experience with enterprise technology platform implementations.​ Strong working knowledge of IT service management, including change management, configuration management, asset management, incident management, and problem management.​ Proficiency with at least one scripting language (e.g., Python, PowerShell)

 

Education:

Bachelor’s degree in computer science, cybersecurity or a related field OR equivalent work experience​ 3+ years of experience in cybersecurity, especially in a security engineering role​ The ideal candidate will maintain one or more of the following certifications, though they are not required: GSE, GDSA, GCIA, GCIH, GSEC, GCDA, CISSP

 

 

#LI-SM1