Share this Job
Apply now »

IT Security Analyst II - Application Security

Location: Sheetz Corporate - PITTSBURGH, PA

 

We sell hot dogs, beer, gas, and a bunch of other things, but we’re really in the business of “convenience” and that should resonate with you.  At Sheetz, we have a history of making our customers’ lives easier. We pioneered self-service touch screens for ordering food. We rolled out our industry leading Sheetz mobile app long before curbside pickup was around. Although we’re not a tech company, technology has been at the forefront of our success. And who makes that happen? You do! 

 

Building, integrating and supporting the cutting-edge applications that power 600+ stores, 22,000 employees and millions of customers isn’t an easy job, but that’s why we do it!  And we do it in an award-winning culture that’s casual and fun. If you’re looking for a Made to Order career, hit that APPLY button and let’s chat!

 

All team members are working remote due to the pandemic. Keeping our employees safe is most important to us. After we transition back to office work, when it's safe, we do have the option for partial remote work arrangements for candidates living within our 6 state footprint.

 

 

WHAT YOU'LL DO

 

Sheetz’ Cyber Security team is looking for a Cybersecurity engineer with expertise in the Application Security domain.  In this role, you will work with software development partners to identify and mitigate the security vulnerabilities in our applications. You will also act as an application security SME for the development and security communities within Sheetz.  The IT Security Analyst II will design, implement, and enforce security policies that protect systems and data from security risks.

  • Responsible for the identification, investigation, and resolution of security events detected by those systems. Tasks may include involvement in the implementation of new security solutions; participation in the creation / maintenance of policies, standards, baselines, guidelines, and procedures; and conducting vulnerability audits and assessments.
  • Participate in the Secure SDLC Strategic Plan and execution of the Secure SDLC process.
  • Perform dynamic and static application security testing against web applications, thick-client applications, APIs and mobile applications.
  • Perform assessment of cloud architecture and configuration.
  • Perform application threat modeling.
  • Perform findings/vulnerabilities analysis, document results, engage with high level personnel, discuss findings, provide recommendations, explain testing techniques, and stay current on  weaknesses and vulnerabilities.
  • Engage customers on the implementation and improvement of secure software development lifecycle.
  • Support / Execute the implementation of a risk and policy framework including distribution and maintenance of information security and related policies, as assigned by more senior RISC  personnel. Implementation should support the department’s accountability in setting risk and security policies, standards, guidelines, processes and procedures
  • Maintain up-to-date in-depth knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
  • Recommend additional security solutions, or enhancements to existing security solutions to improve overall enterprise security.
  • Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g. security tools) or not (e.g. workstations, servers)
  • Provide call escalation for all in-place security solutions.
  • Evaluate new or modified systems, processes, and/or products vs internal security standards to identify risks that fall outside of Sheetz' risk tolerances.
  • Provide evening and weekend “on call / issue” support as needed. Sheetz is open 24,7,365 and as such, our internal and externa, customers may require support at any time.

 


EXPERIENCE YOU'LL BRING

Education

  • A four-year degree in Computer Science, Engineering or related field required.

 

Experience

  • 3+ years cyber security experience required
  • Experience with security operations preferred
  • Experience with SIEM systems preferred
  • Strong understanding of IP, TCP/IP, and other network administration protocols preferred
  • Strong understanding of Windows and Linux systems preferred
  • Familiarity with security incident response preferred

 

Licenses/Certifications

  • Maintain a continuous personal professional development program; this level requires CISSP certification and commitment to pursue additional training or certifications in risk, security, governance, compliance (e.g., CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP, GICSP, GMOB, GCIH, CRCMP, CISA, CGEIT, CRISC, CRMA, CORP, advanced degree)

 

Tools & Equipment

  • General Office Equipment

 

 

HOW YOU’LL GROW

We are an innovator in our space and we want to make sure you can keep doing that. We are happy to send you to conferences and continuing education to make sure you continue to be the expert in your field.

We also provide employee training programs to continue your growth in your field while here. We believe there’s always room to learn and we offer opportunities to gain hands on experience. Our employees are always encouraged to explore new opportunities, especially within our organization.

 

 

PERKZ

We have all the perks you would expect from a leading employer, such as medical, dental & vision, in addition to that we have:

  • Employee Stock Ownership
  • College Tuition Reimbursement
  • 401(K) Retirement Savings Plan – a 4% match!
  • Employee Profit Share
  • VIP Sheetz Membership (Discounts!)

 

ABOUT SHEETZ

Sheetz, Inc. is a fast-growing, family-owned, food/convenience company that has been in business since 1952. Sheetz has over 600 locations in Pennsylvania, Ohio, Virginia, West Virginia, Maryland and North Carolina.

 

Our mission at Sheetz has been to meet the needs of customers on the go. Of course, things have changed over those nearly 70 years. Life is faster and busier, and customers expect us to be there when they need us most. One thing that hasn't changed is our commitment to our customers, our employees and the communities in which we operate. Sheetz donates millions of dollars every year to the charities it holds dear.

 


Sheetz Award


Nearest Major Market: Pittsburgh

Apply now »