With approximately 1,300 boutiques and outlets throughout the U.S., as well as an online presence for each of our brands, it takes sophisticated technology, resources and infrastructure to ensure the continued success of our businesses. From finance and accounting to technology and merchandising careers, we have diverse opportunities available for talented professionals to join our team of nearly 16,000 associates who share our commitment to excellence. POSITION OBJECTIVE:
This position is an important and integral member of the IT Security Team. In this role the individual will ensure the secure operation of the IT infrastructure/environment such as Cloud, in-house computer systems, servers, and network connections. Partners with security team members to analyze and resolve security breaches, vulnerability issues. Additionally, this position will ensure all end user security issues are adequately addressed and resolved in a timely and accurate fashion. Other tasks may include involvement in the testing and implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability testing. FUNCTIONAL RESPONSIBILITIES:
- Understands and applies the concepts of Confidentiality, Integrity, and Availability.
- Understands and applies cloud security controls (IaaS / PaaS / SaaS).
- Deploys, administers, and troubleshoots security systems by applying vendor software updates, tuning for optimal performance, functionality and security, and configure/understand alerts from these systems.
- Participates / Contributes to the development of security documents (baselines, guidelines, and procedures).
- Implements, maintains, and oversees enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
- Follows process and procedures to address security concerns / problems / requests.
- Participates in investigations into problematic activity.
- Keeps current with emerging security alerts and issues.
- Reviews security vulnerabilities to identify risks to Desktop, Servers, Web based, Mobile, and embedded devices and follows-through to validate vulnerabilities have been remediated.
- Monitors server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interprets activity and makes recommendations for resolution.
- Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
- Participates in data security, system security, and end user activity discussions to address any risk to the organization and provide recommendations.
- Understands the maintenance of end user accounts, Role Based Access Control, and Permissions.
- Provides Security Awareness training.
- Provides on-call security support to end-users.
- Upholds the highest Ethical Standards.
- Bachelor's Degree in Computer Science, MIS or equivalent is required
- 3+ years' experience in IT Security
- Experience with and knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, data loss prevention and other industry-standard techniques and practices
- Experience with and knowledge of current IT Security protocols and standards.
- Intermediate knowledge of network, PC, and platform operating systems
- Intermediate knowledge of servers, VMware, and operating systems
- Intermediate knowledge of TCP/IP and network administration/protocols
- Intermediate knowledge of scripting languages, PowerShell / Python
- Basic understanding of applicable practices and laws relating to data privacy and protection
- Extensive knowledge in Active Directory
- Extensive knowledge in Splunk running in an enterprise environment
- Intermediate knowledge of digital forensics principles
- Intermediate knowledge of all Microsoft based products/suites such as O365, Outlook, Excel, Word, Access, etc.
- Must be dependable, punctual, reliable, and ethical
- Must have the ability to work in a fast-paced environment and react to situations as they arise in the appropriate manner
- Ability to analyze and resolve issues via telephone / Remote
- Ability to work independently or in a team environment and effectively meet project deliverables on time
- Preferred Certifications; Certified Ethical Hacker, Associate of ISC2, ISC2 Systems Security Certified Practitioner, CISSP
- Preferred familiarity with a retail marketing environment is highly desirable
Chico's FAS, Inc. is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, childbirth and related medical conditions, lactation, genetic information, gender, sexual orientation, gender identity or expression, military service, veteran status, or any other category protected under federal, state, or local law.