Systems Engineer, Information Security Position Available In Shelby, Tennessee

Summary :

To deliver desired, sustainable business outcomes and assure the integrity and continuity of our systems. This position is responsible for the development, maintenance, and support of AutoZone’s security hardware, software and/or security systems. This includes applying domain expertise, providing technical guidance and mentoring, supporting the customers, resolving problems, and training as required.

Responsibilities :

Participate in any and potentially all roles of the security systems development life cycle. Roles may vary by project and assignment. This may include, but not limited to: Design and execute red team operations (simulated and real world activities), including network exploitation, social engineering, and physical security assessments. Conduct security vulnerability assessments across various infrastructures (on-premises, hybrid, and cloud environments). Collaborate with blue teams to facilitate purple team exercises and strengthen threat identification and mitigation strategies. Compile comprehensive assessment reports and deliver practical improvement suggestions to both technical specialists and leadership teams. Continuously monitor and research new security threats, attack methods, and system weaknesses to enhance testing approaches and methodologies. Identify security concerns and mitigating controls; identify, document, and manage risks to AutoZone data, systems, and processes. Responsible for technical design and administration of security controls, services, and architecture, e.g. infrastructure and / or network systems, application security tools and processes, identity and access management technologies, and /or incident response functions. Accurate work planning and execution; accurate project and time tracking. Applying security subject matter expertise.

Requirements :

Typically, four to seven years of experience in penetration testing, red teaming, or offensive security in a mid- to large-enterprise environment Solid knowledge of one of the following functional areas, with advanced Red Team knowledge Infrastructure and Network Security Strong understanding of TCP/IP networking fundamentals, ports, and protocols Experience exploiting vulnerabilities in Active Directory environments and security controls Ability to identify and exploit network infrastructure weaknesses Application Security Demonstrated experience with application-layer security assessments and penetration testing Proficiency in conducting code reviews to identify security flaws Ability to analyze published vulnerabilities (CVEs) and adapt exploitation techniques to specific operating environments Security Operations and Incident Response Formal incident response experience in large enterprise environments Experience with threat hunting methodologies and tools Forensic analysis capabilities and familiarity with incident handling procedures Understanding of security monitoring systems and evasion techniques Identity and Access Management Expertise in identifying misconfigurations in authentication and authorization controls Experience bypassing or exploiting IAM weaknesses Knowledge of privilege escalation techniques across various platforms Cyber Threat Intelligence and Social Engineering Proficiency in Open Source Intelligence (OSINT) gathering techniques Experience planning and executing phishing campaigns and social engineering attacks Ability to leverage threat intelligence to simulate realistic adversary behaviors Experience with cloud security testing (GCP preferred) and web application protocols (HTTP, DNS, FTP). Strong communication skills to articulate complex technical issues to non-technical audiences. Solid task estimation, planning and execution skills Solid problem solving, domain technical and analytical skills Solid system design and implementation skills Required Bachelor’s degree in Computer Science or related field

Preferred:

Certifications such as

OSCP, OSCE, or CRTP Preferred:

The ability to create and update specialized software utilities that augment security testing operations (utilizing languages such as Python, PowerShell, or Go).

Preferred:

Experience with exploit development or custom malware creation.

Preferred:

Knowledge of advanced persistent threat (APT) emulation and purple team operations. Benefits at AutoZone AutoZone cares about people. That’s why AutoZone offers thoughtful benefits programs designed to improve AutoZoners’ physical, mental and financial wellbeing.

Some of these benefits include:

• Competitive pay and time off
• Unrivaled company culture
• Medical, dental, vision, life, and short- and long-term disability insurance options
• 401(k) with Company match and Stock Purchase Plan
• Mental and physical wellbeing programs
• Opportunities for career growth and tuition reimbursement Eligibility and waiting period requirements may apply.

Learn more about all that AutoZone has to offer on careers.autozone.com. An

ONLINE APPLICATION

is

REQUIRED.

Click the Apply button to complete your application. For step-by-step instructions on how to apply visit careers.autozone.com/candidateresources

Qualifications:

UNAVAILABLE