We are seeking a Senior Security Engineer to join our cybersecurity team and play a critical role in protecting our enterprise from evolving cyber threats. The ideal candidate is a hands-on technical expert with strong experience across multiple areas of security—including endpoint protection, IT networking, cloud security, data protection, and incident response. This person should be passionate about security, proactive in identifying risk, and constantly driven to improve the security posture of a fast-paced retail environment.

Key Responsibilities:
• Collaborate with IT and development teams to integrate security best practices into all projects.
• Oversee Endpoint Detection and Response (EDR) technologies to detect and contain threats on user and server endpoints.
• Support incident response efforts by triaging security alerts, investigating threats, performing root cause analysis, and coordinating response actions.
• Collaborate with IT and networking teams to implement network segmentation, secure configurations, and threat detection capabilities.
• Assess and implement security controls across cloud platforms, ensuring compliance with best practices and regulatory requirements.
• Monitor and enhance SIEM/log management capabilities to improve threat visibility and detection.
• Evaluate, deploy, and tune security tools such as firewalls, intrusion prevention systems (IPS), and data loss prevention (DLP) platforms.
• Document security architecture, runbooks, and response procedures; assist with internal/external audits.
• Mentor junior engineers and contribute to a culture of learning, security awareness, and continuous improvement.
• Manage cybersecurity vendors and third-party service providers, including tool selection, performance evaluation, and ongoing relationship management.
• Adhere to processes and procedures for change management and trouble ticket resolution, and maintain documentation as changes are made.
• Administer and maintain Privileged Access Management (PAM) solutions and processes to safeguard access to critical systems and sensitive data.

Required Qualifications:
• 5+ years of hands-on experience in cybersecurity roles, including experience as a security engineer or analyst.
• Deep understanding of vulnerability management tools and processes (e.g., Qualys, Tenable, Rapid7).
• Proficiency with EDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint).
• Solid knowledge of IT networking fundamentals, protocols, firewalls, and segmentation strategies.
• Experience securing cloud environments (IaaS/PaaS), including identity and access management, encryption, and logging.
• Proven experience in incident detection, analysis, and response, including familiarity with MITRE ATT&CK and threat hunting methodologies.
• Familiarity with SIEM tools (e.g., Gurucul, Microsoft Sentinel, Google SecOps) and log analysis.
• Working knowledge of compliance standards (e.g., PCI DSS, NIST, CIS Controls).

Preferred/Bonus Qualifications:
• Scripting or automation skills (e.g., Python, PowerShell, Bash) to streamline detection, reporting, and remediation tasks.
• Experience with security frameworks and risk management methodologies.
• Exposure to DevSecOps practices and infrastructure-as-code security.
• Certifications such as CISSP, GIAC, GCIH, Security+, or GCP/Azure Security.
• Understanding of standard network protocols, operating systems (Windows, Linux, macOS), and web technologies.
• Solid understanding of cybersecurity principles, secure coding practices, cloud infrastructure, and network security controls.
• Knowledge of system administration concepts, including server configuration, user management, and patch management.
• Willingness to continuously learn new tools, methodologies, and technologies in the rapidly evolving field of cybersecurity.
• Ability to work effectively as a team, collaborate with other security professionals, and share knowledge and expertise.
• Must be current on modern threats and threat actor groups.

Knowledge, Skills, & Abilities:
• Advise on and maintain specific security controls as required by organizational policy and local risk assessments to maintain confidentiality, integrity and availability of business information systems and to enhance resilience to unauthorized access
• Perform vulnerability testing and assessments
• Incident management: detection and remediation
• Follow and maintain the general guidelines and standards for security
• Monitor the application security operations procedures and review information systems for actual or potential breaches in security
• Ensure that security incidents are accurately documented and complete
• Consistently improve processes, policies and tools
• Communicate effectively with business partners, outsourced partners and vendors
• Maintains positive attitude and momentum in challenging situations
• Demonstrates flexibility, resiliency and productivity in response to shifting priorities
• Recognizes individual and team success
• Delivers on Belk’s brands and strives to exceed customer needs
• Seeks and shares customer feedback with others
• Delivers high quality products and services
• Focuses on desired results and how best to achieve them
• Takes personal responsibility for the quality and timeliness of work
Job Type
Full-time role
Location
Charlotte, North Carolina
Date Posted
June 19, 2025
Belk is seeking a Senior Security Engineer to enhance its cybersecurity posture in a hybrid role based in Charlotte, North Carolina. The ideal candidate will have extensive experience in various security domains, including endpoint protection, cloud security, and incident response.