Sr Security Engineer

Hershey, PA, US

The Hershey Company

Here at Hershey, our purpose is to make more moments of goodness for consumers around the world.

View company page

Position Title: Senior Security Engineer

Location: Hershey, PA

                 This position can sit 100% remote




As a Senior Security Engineer for The Hershey Company, you will design and build a defensible network to minimize cyber risk to the company’s vision. The team has three major service categories. The first is infrastructure protection, which designs and builds solutions that protect enterprise systems from cyber threats. The second is analytic engineering, which designs and builds solutions that support threat intelligence, detection, investigation, and response to cyber threats. The third is security consulting, which enables IT architects, developers, engineers, and administrators to design and build secure technology solutions.



Major Responsibilities:


  • Research, assess, and continuously improve security solutions to ensure they are maturing and adapting according to the evolving threat landscape and evolving business requirements.
  • Consult with internal IT and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software.
  • Work with leadership, customers, and stakeholders in both IT and Information Security to develop requirements based on a changing threat landscape and new digital capabilities.
  • Design security solutions that mitigate or reduce cyber risk that is identified via assessments, consultations, and incident response.
  • Ideate, initiate, plan, execute, and close security projects in coordination with project management and project resources.
  • Implement new security solutions that are prioritized for their effectiveness at reducing cyber risk.
  • Implement continuous control monitoring to automate detection and remediation of control deficiencies
  • Transition solutions to security administrators for sustained service delivery.
  • Collaborate with security administrators to remediate solution failures.
  • Write standards, guidelines, processes, and procedures that maximize self-service for administrators to run security solutions and customers to build secure IT solutions





  • Bachelor’s degree in computer science, cybersecurity or a related field OR relevant equivalent experience.

  • Certifications (not required): GSE, GDSA, GCIA, GCIH, GSEC, GCDA, CISSP




  • Technical expertise in 2+ security domains between endpoint security, network security, email and web security, data security, identity security, cloud, containers, Operational Technology (OT), vulnerability and configuration management, threat intelligence management, security automation, and security incident and event management (SIEM).
  • Full-stack knowledge of IT infrastructure including applications, databases, operating systems, hypervisors, IP networks, storage networks, and backup media.
  • Strong working knowledge of IT service management, including change management, configuration management, asset management, incident management, and problem management.
  • Proficiency with at least one scripting language (e.g., Python, PowerShell).
  • Strong knowledge of common vulnerabilities and exploitation techniques.
  • Understands business needs and has a commitment to delivering high-quality, prompt and efficient service to the business.
  • Understands organizational mission, values, and goals and consistently applies this knowledge.
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
  • An ability to effectively influence others to modify their opinions, plans, or behaviors.
  • Self-motivated and possessing of a high sense of urgency and personal integrity.



Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Automation CISSP Cloud Computer Science Endpoint security Full stack GCIA GCIH GSEC Incident response IT infrastructure Monitoring Network security PowerShell Python Scripting SIEM Threat intelligence Vulnerabilities

Region: North America
Country: United States
Job stats:  13  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.