Costco
SAP Security Engineer
Issaquah, WA
Dec 25, 2024
Full-time
Full Job Description

Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in fourteen countries. Despite our size and explosive international expansion, we continue to provide a family, employee centric atmosphere in which our employees thrive and succeed.

This is an environment unlike anything in the high-tech world and the secret of Costco’s success is its culture. The value Costco puts on its employees is well documented in articles from a variety of publishers including Bloomberg and Forbes. Our employees and our members come FIRST. Costco is well known for its generosity and community service and has won many awards for its philanthropy. The company joins with its employees to take an active role in volunteering by sponsoring many opportunities to help others.

Come join the Costco Wholesale IT family. Costco IT is a dynamic, fast-paced environment, working through exciting transformation efforts. We are building the next generation retail environment where you will be surrounded by dedicated and highly professional employees.

Security Engineers develop, design, implement, and integrate security systems used to safeguard enterprise assets against cyber-attack. Security Engineers drive innovation, influence delivery, and maximize performance. They deliver high quality artifacts, develop and run security tests, and continuously tune security tools for optimization. Security Engineers identify gaps and inefficiencies, and work with the business to implement solutions based on their requirements.

Security Engineers support the values and business goals as they relate to legal, ethical, and regulatory obligations; protect privacy; and maintain a secure technology environment. Security Engineers develop and execute security controls, defenses, and countermeasures to intercept and prevent internal/external attacks, infiltration of company data, and compromising of systems and accounts. Security Engineer researches attempted/successful efforts to compromise systems security; design countermeasures; implement and maintain physical, technical, and administrative security controls; and provide information to management regarding the negative impact to the business.

This position will be responsible for security administration for a variety of SAP applications/modules, including S/4, HANA DB, Fiori, ECC, HCM, FICO, eWM, Solution Manager, BODS, BOBJ, BW, ETD, GRC, and CRM. This position will also support enterprise portal security and other SAP JAVA related technologies.

This individual is responsible for SAP security access and compliance for the organization in all SAP instances. In addition, this role will work with the application owners, develop and support security priorities, create and maintain standards and procedures, and provide expertise in the area of SAP and other non-SAP applications as they relate to the security of any SAP instance. The duties encompass security administration of SAP and non-SAP applications that are connecting to SAP instances, assisting in the design and build of security authorizations, ensures compliance to security policies and procedures, resolves access problems and handles security incidents. This is a cross-functional support role to the organization and will interface within and outside of IT departments. In this role it is critical to build and maintain internal relationships and external business partners.

If you want to be a part of one of the worldwide BEST companies “to work for”, simply apply and let your career be reimagined.

ROLE

● Provides security and technical expertise to support the development of security objects to satisfy business requirements.

● Analyzes and administers security policies to control physical and virtual system access.

● Identifies and investigates security issues and develops security solutions that address compliance requirements that can/ do impact security.

● Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance and support of the security standards and procedures.

● Assesses business role requirements, reviews authorization roles, and supports authorizations.

● Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.

● Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.

● Implements best practice when applying knowledge of information systems security standards/practices (e.g.access control and system hardening, system audit and log file monitoring, security policies, and incident handling).

● Designs and coordinates activities/engagements with other departments (loss prevention, legal, networking, etc).

● Identifies security gaps that expose Costco to potential exploit, and develop short- and long-term prioritized remediation to address those gaps.

● Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal/external data infiltrations.

● Determines strategy and protocol for network behavior, analysis techniques, and tool implementation.

● Identifies and resolves problems often anticipating issues before they occur or before they grow; develops and evaluates options; and implements solutions that support the business.

● Provides subject matter expertise in systems security policies, standards/practices, protocols, and technologies.

● Configures, deploys, maintains, and supports security tools.

● Protects confidentiality, integrity, and availability of information from being disclosed to unauthorized parties.

● Creates dashboards, configures alerts, implements and supports security software platforms, and monitors tools/apps.

● Identifies opportunities for streamlining, and increasing effectiveness through continuous process improvement.

● Implements practices, processes, and procedures consistent with Costco's information security policy and IT standards.

● Develops and documents security events and incident handling procedures into Playbooks.

● Ensures that incident documentation is comprehensive, accurate, and complete.

● Triages, prioritizes, investigates, and coordinates security events and incident handling activities.

● Collaborates with business partners, project teams, and team members to build secure solutions that protects data and enables the business with tools and processes that make sense, and adapt to changing business needs both on-premises, and in the cloud.

● Works with internal and external auditors.

● Designs, configures, and maintains various degrees of security.

● Gathers requirements from internal clients and provides security and technical expertise to support the development of security objects to satisfy business requirements.

● Develops security objects that meet business requirements while adhering to the principle of least privilege.

● Prepares and maintains documentation as needed.

● Works with business areas and project teams to troubleshoot issues with security objects, and identifies and implements appropriate solutions.

● Commits to upholding government and corporate security guidelines, including Segregation of Duties (SoD), Sarbanes-Oxley (SOX), and Payment Card Industry (PCI) standards.

● Understands compliance requirements that may impact security, and works with business areas and project teams to develop security solutions that address these requirements.

● Designs, develops, and maintains SAP user management and security architecture across SAP environments. This includes, hands-on role design, and build across a number of complex SAP applications, and databases.

● Participates in team activities and team planning in regards to improving team skills, awareness, and quality of work.

● Continues personal growth in the areas of technology, business knowledge, and Costco policies and platforms.

REQUIRED

● 5-8 years’ hands on SAP security expertise.

● Minimum of 5 years’ experience with SAP Security across various applications, including but not limited to, S/4, BTP, Signavio, ECC, HCM, FICO, HANA DB, GRC, BODS, BOBJ, BW, Fiori, PI/PO, EWM, ETD, and Solution Manager.

● Experience with SAP's role-based security concepts and the Profile Generator.

● Understanding of SAP security best practice.

● Ability to work with ServiceNow Ticketing Tool.

● Ability to use Excel / Access DB and Google Spreadsheets.

● Ability to assess business role requirements, design authorization roles, and manage supporting authorizations.

● Experience with Enterprise portals authorizations.

● Strong understanding of SAP GRC Ruleset and its usage for Security Analysis at User and Role level.

● Experience testing authorizations for multiple environments, and coordinating testing with business and technical users.

● Strong understanding of Sarbanes-Oxley (SOX) and other compliance requirements that may impact SAP Security.

● Knowledgeable regarding transaction auditing; ability to work with and support internal and external audit teams.

● Knowledge of SAP NetWeaver security; ability to speak to infrastructure level security concerns, and to work with technical teams to ensure such concerns are addressed.

● Self-motivated, flexible, openness to learn new things, and strong focus on customer needs.

● Ability to work with limited supervision and exhibit a strong sense of urgency.

● Ability to effectively mentor team members.

● Experience in successful project implementations.

● Strong conceptual, analytical, problem-solving, troubleshooting, and resolution skills.

● Ability to monitor and manage the progress of tasks.

● Strong time management and decision-making skills.

● Demonstrates a logical and structured approach to time management and task prioritization.

● Demonstrates a high level of communication skills, verbal and written.

● Able to support off hours work as required, including 24/7 on call responsibilities on a rotational basis.

Recommended

● Bachelor’s degree in Accounting, Business, Information Technology or Computer Science preferred.

● Documentation and presentation skills catered to a diverse technical and business audience.

● Technical knowledge of SAP landscapes and roadmaps.

● Experience in SailPoint IGA is preferred.

● Proficient in Google Workspace applications, including Sheets, Docs, Slides, and Gmail.

Required Documents

● Cover Letter

● Resume

California applicants, please click here to review the Costco Applicant Privacy Notice.

Pay Range: $150,000 - $190,000, Bonus and Restricted Stock Unit (RSU) eligible

We offer a comprehensive package of benefits including paid time off, health benefits - medical/dental/vision/hearing aid/pharmacy/behavioral health/employee assistance, health care reimbursement account, dependent care assistance plan, short-term disability and long-term disability insurance, AD&D insurance, life insurance, 401(k), stock purchase plan to eligible employees.

Costco is committed to a diverse and inclusive workplace. Costco is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or any other legally protected status. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to IT-Recruiting@costco.com

If hired, you will be required to provide proof of authorization to work in the United States.

PDN-9dce5e5c-05d3-42fb-ac4e-e8bc76b1fd38
Job Information
Job Category:
Engineering
Spotlight Employer
Related jobs
Position Summary: The Dean of Libraries, Learning Resources, and eLearning is responsible for the effective operations of college libraries, learning support services, and online learning support. Th...
Dec 27, 2024
Mount Vernon, WA
Regional Campus Dean
University of South Carolina Lancaster
The University of South Carolina Lancaster has regional campuses in Lancaster and Indian Land, South Carolina. Located just south of Charlotte, NC, and established in 1959, it is the oldest and the la...
Dec 27, 2024
Lancaster, SC
Advertising Executive
Lee Enterprises Inc
The Tulsa World, a publication of Lee Enterprises, is seeking an energetic, skilled sales executive to drive digital multi-media account growth for new and existing accounts through prospecting, devel...
Dec 27, 2024
Tulsa, OK
©2024 Kappa Alpha Psi Fraternity, Inc.
Powered by TalentAlly.
Apply for this job
SAP Security Engineer
Costco
Issaquah, WA
Dec 25, 2024
Full-time
Your Information
First Name *
Last Name *
Email Address *
Zip Code *
Password *
Confirm Password *
Create your Profile from your Resume
By clicking the Apply button, you agree to the terms of use and privacy policy.
Continue to Apply

Costco would like you to finish the application on their website.

Ace your interview with
AI-powered interview practice

Get comfortable talking to hiring managers, receive personalized feedback on areas for improvement, sharpen your ability to answer the most common questions, and build confidence in formulating strong responses on the spot. Click the button below to begin your three free virtual interviews!