Sr. IT Systems & Security Engineer

Spotless Brands
Oakbrook Terrace, IL

Position Overview

The Systems and Security Engineer at Spotless Brands plays a pivotal role in maintaining the security and efficiency of the Company's IT infrastructure and digital assets, with a particular focus on cloud services (such as Microsoft 365 and Azure), Point of Sale (POS) systems, and cybersecurity. This role demands a blend of expertise in cloud computing, application security, and cybersecurity practices to ensure the protection and optimal performance of IT systems.


Essential Functions (Other Duties as Assigned)

Cloud Services Management

  • Administer and optimize cloud environments, primarily focusing on Microsoft 365 and Azure, ensuring scalable, secure, and efficient operations.
  • Implement and manage cloud-based applications and services, including integrations with on-premises or other cloud systems.
  • Oversee cloud data storage, backup, and recovery processes, ensuring data integrity and compliance with data protection standards.


POS System Security

  • Ensure the security and integrity of POS systems, implementing cybersecurity measures to protect against threats and unauthorized access.
  • Coordinate with the applications team to ensure that POS systems are seamlessly integrated with cloud services and other IT systems.
  • Monitor and maintain POS software and hardware, including regular updates and patches to address security vulnerabilities.


Cybersecurity Implementation and Management

  • Deploy and manage advanced cybersecurity tools and processes to safeguard IT systems and sensitive data.
  • Conduct regular security assessments and audits to identify vulnerabilities and implement remediation strategies.
  • Keep up to date with the latest cybersecurity threats and countermeasures, continuously improving the organization's security posture.


Data Protection and Compliance

  • Implement robust data protection strategies, focusing on both cloud-based and on-premises environments.
  • Ensure compliance with relevant regulations and standards like PCI DSS, HIPAA and NIST CSF, adapting practices to meet the needs of different environments (cloud, hybrid, on-site).
  • Collaborate with legal and compliance teams to ensure adherence to data privacy laws and guidelines.


Systems Administration

  • Manage and maintain essential IT systems, with a particular focus on cloud-based environments and POS systems.
  • Perform routine system maintenance tasks, including system monitoring, performance tuning, and troubleshooting.
  • Coordinate with vendors and service providers to resolve complex system issues and optimize performance.


User Support and Security Training

  • Provide high-level technical support for cloud and security-related issues.
  • Develop and deliver training and awareness programs focusing on cybersecurity best practices and secure use of cloud services.


Project Involvement

  • Actively participate in IT projects, ensuring cloud and cybersecurity considerations are integrated from the outset.
  • Collaborate with various IT teams to align system and security objectives with broader organizational goals.


Education and Experience

Required:

  • Bachelor's degree; or equivalent level of advanced schooling + experience
  • 7+ years of relevant work experience in IT Infrastructure
  • Familiar with IT Systems & Security concepts, design principles, best practices, standards, and processes
  • Excellent analytical, statistical, quantitative, and deduction skills.
  • Ability to represent information in graphical forms including creating data, infrastructure, and topology diagrams, etc.
  • Experience implementing controls for Cybersecurity regulation such as: PCI-DSS, SOX, or CCPA
  • Flexible and adaptable to changing priorities, based on business needs.
  • Must be able to work occasional varied hours, including nights, weekends and holidays.

Preferred:

  • Regular work exposure to Python and Git version control
  • Exposure to JSON (ARM) and XML
  • Industry Certifications preferred (ITIL, CISSP, Azure, etc.)
  • Working understanding of POS systems architecture


Knowledge, Skills, and Abilities

  • Strong understanding of architecting and configuring Microsoft Windows OS technology
  • Background in scripting and automation in widely used languages such as Python, JavaScript, PowerShell, etc.
  • Systems management & deployment software such as SCCM, M365 Intune, JAMF, etc.
  • Vulnerability scanning technologies such as VikingCloud, Rapid7, Qualys
  • Understanding of change management processes associated with technology implementations.
  • Understanding of project management principles.
  • Strong knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and associated security controls.
  • In-depth understanding of SSO protocols and standards (e.g., SAML, OAuth, OpenID Connect) and their implementation.
  • Execute data migrations from legacy/competing platforms into M365
  • Familiarity with Endpoint Detection and Response (EDR) and Network Detection and Response (NDR) solutions (e.g., Sophos, Darktrace)


Physical Requirements:

  • Must be able to remain in a stationary position at least 50% of the time.
  • Must be able to lift 50lbs.
  • Travel requirements less than 10%


This job description in no way states or implies that these are the only duties to be performed by the employee(s) in this position. Employee(s) will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments.


All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. The requirements listed in this document are the minimum levels of knowledge, skills, and abilities.


Spotless Brands and its subsidiaries comply with federal and state disability laws and make reasonable accommodation for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or recruitment process, please contact the Human Resources department and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Human Resources team will respond to your email promptly.


Spotless Brands and its affiliate brands are Equal Employment Opportunity (EEO) employers. Spotless Brands invites all qualified interested applicants to apply for career opportunities. It is the policy of the company to provide equal opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran, disabled status or any other protected group status as defined by and subject to applicable federal, state and local laws. We use E-Verify to check employment eligibility: https://www.everify.gov/sites/default/files/everify/posters/EVerifyParticipationPoster.pdf and https://www.e-verify.gov/sites/default/files/everify/posters/IER_RightToWorkPoster%20Eng_Es.pdf
