Associate Security Engineer at Finch Turf, Inc. – Minneapolis, Minnesota

Position Title: Associate Security Engineer

Job ID: R-000470

Location: US MN Minneapolis Office

Posting Type: Full time

Description:

SPS Commerce is a leading provider of cloud-based supply chain management solutions, serving a global network of retail trading partners. We foster a collaborative and inclusive work environment where innovation and continuous improvement are highly valued. Join SPS Commerce and be part of a dynamic team that's transforming the global retail supply chain!

Position Summary:The Associate Security Engineer II will ensure Company technology, systems, processes, and practices, have security defined, integrated, and implemented, according to the SPS security framework to identify, protect, detect, respond, and recover from security events. Together with the security team, broader tech team, and additional stakeholders, this role will ensure that risk-based controls are implemented to protect SPS.

Essential Responsibilities / Duties

• Devise reasonable security controls to protect SPS and align with our business objectives

• Perform security testing (incorporating methodologies like pen testing, red-teaming, SAST, DAST, etc.) of infrastructure and applications as needed

• Participate in development and evaluation of security toolsets to develop security capability

• Support internal and external security assessments, third-party assessments, and due-diligence initiatives

• Develop, manage, and consult on the technical architecture for enterprise security controls

• Partner with business and technology operations groups to manage and maintain the security technology stack (identity solutions, cloud capabilities, audit tools)

• Stay informed of security best practices and application to technology development and implementation practices for operations – accountable for driving the integration of security into development operations and existing continuous delivery/continuous improvement business processes

Minimum Requirements

• Bachelor’s degree in related business or technical area, or an equivalency of education and work experience

• 1+ years of hands-on experience in Cloud Security Environment

• IT Security and/or security engineering experience and/or IAM

• Understanding of designing and implementing standards, specifications, and procedures

• Knowledge of security frameworks such as ISO27001 and NIST CSF

• Knowledge of regulatory requirements from SOX and PCI-DSS

Preferred Experience

• System configuration and architecture experience

• Strong knowledge of industry accepted information security best practices, standards, and policies such as NIST CSF, OWASP, CIS, STIG, MITRE ATT@CK, etc.

• Experience with SOC2 Type 2 audit process and reporting

• Certifications & Licenses: One or more industry certification - CISSP, CISM, CISA, CCFE, GIAC, CCIE, CCSP, ABCP, MBCP, ISA, PCIP, CEHCommitment to our Employees:

At SPS we power connections that drive the world of commerce forward, and our success depends on making strong decisions, fostering innovation, delivering unparalleled customer solutions, and driving outstanding business performance. We achieve this by creating an environment where every employee feels a true sense of belonging. We embrace diversity, equity, and inclusion, ensuring everyone feels accepted, valued, and empowered to make a meaningful impact.

We are committed to affirmative action and equal opportunity in all aspects of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

}