
sheetz
Security Engineer II
Job description
This role qualifies for a remote work arrangement within our 7 state footprint (PA, OH, MI, WV, VA, MD, NC).
OVERVIEW
Leads engineering efforts for enterprise-wide security initiatives and provides technical leadership in the design, architecture, and implementation of secure solutions. Responsible for translating business and risk requirements into scalable, resilient security capabilities, while influencing standards, driving technical direction, and ensuring security is embedded across platforms, applications, and infrastructure.
RESPONSIBILITIES (other duties may be assigned)
- Design, engineer, and implement new security solutions that address complex enterprise risks while aligning with architectural standards and business objectives.
- Lead technical evaluations, proof-of-concepts, and vendor assessments to select security technologies that meet functional, scalability, and risk management requirements.
- Perform advanced troubleshooting and lead incident response activities, including root cause analysis, remediation planning, and post-incident improvements.
- Develop and maintain automation scripts and tooling to improve security platform operations, efficiency, consistency, and response times.
- Own and drive the lifecycle management and roadmap planning for assigned security tools, including upgrades, integrations, and decommissioning.
- Serve as a subject matter expert (SME) across multiple security domains and technologies, providing guidance and technical direction to stakeholders and project teams.
- Partner with compliance, risk, and audit teams to support internal and external audits, security reviews, and control validation activities.
- Lead the technical execution of security projects, including solution design, implementation oversight, testing, and transition to operations.
- Collaborate closely with enterprise architects, infrastructure, application, and cloud engineering teams to ensure security is integrated into designs and delivery processes.
- Mentor and coach junior engineers by sharing expertise, reviewing designs, and promoting secure engineering best practices.
- Participate in an on-call rotation to provide evening and weekend support as needed. As Sheetz operates 24/7/365, internal and external customers may require support at any time.
QUALIFICATIONS
(Equivalent combinations of education, licenses, certifications and/or experience may be considered. Two years of experience is equivalent to one year of college/trade school)
Education
- Bachelor’s degree in Computer Science, Engineering or related field required.
Experience
- Minimum 2 years cyber security experience required
- Minimum 1 year cyber security engineering experience required
- Previous experience with security solutions such as DLP, EDR, PKI, Password/Secret management, SEIM & SOAR required.
- Previous exposure to utilization of IP, TCP/IP, and other network administration protocols required
- Previous exposure to utilization of Windows and Linux systems required
- Previous experience with security incident response preferred
- Previous experience with SSPM (SaaS Security Posture Management) preferred
- Previous experience with SaaS hardening and configuration management preferred
Licenses/Certifications
- Maintain a continuous personal professional development program; this level requires at least 1 cybersecurity certification and commitment to pursue additional cybersecurity certifications. Examples follow:
o CompTIA CySA+ (Cybersecurity Analyst): Validates skills in threat detection, analysis, and incident response. o CompTIA Security+: Establishes a strong foundation in core cybersecurity principles. o Certified Ethical Hacker (CEH): Demonstrates knowledge of attack methodologies and defensive countermeasures (Preferred), or equivalent foundational security certification.
Tools & Equipment
- General Office Equipment
ACCOMMODATIONS
Sheetz is committed to the full inclusion of all qualified individuals. Sheetz is committed to considering all applicants regardless of disability who can perform all essential job duties with or without accommodations.
- Design, engineer, and implement new security solutions that address complex enterprise risks while aligning with architectural standards and business objectives.
- Lead technical evaluations, proof-of-concepts, and vendor assessments to select security technologies that meet functional, scalability, and risk management requirements.
- Perform advanced troubleshooting and lead incident response activities, including root cause analysis, remediation planning, and post-incident improvements.
- Develop and maintain automation scripts and tooling to improve security platform operations, efficiency, consistency, and response times.
- Own and drive the lifecycle management and roadmap planning for assigned security tools, including upgrades, integrations, and decommissioning.
- Serve as a subject matter expert (SME) across multiple security domains and technologies, providing guidance and technical direction to stakeholders and project teams.
- Partner with compliance, risk, and audit teams to support internal and external audits, security reviews, and control validation activities.
- Lead the technical execution of security projects, including solution design, implementation oversight, testing, and transition to operations.
- Collaborate closely with enterprise architects, infrastructure, application, and cloud engineering teams to ensure security is integrated into designs and delivery processes.
- Mentor and coach junior engineers by sharing expertise, reviewing designs, and promoting secure engineering best practices.
- Participate in an on-call rotation to provide evening and weekend support as needed. As Sheetz operates 24/7/365, internal and external customers may require support at any time.
(Equivalent combinations of education, licenses, certifications and/or experience may be considered. Two years of experience is equivalent to one year of college/trade school)
Education • Bachelor's degree in Computer Science, Engineering or related field required.
Experience • Minimum 2 years cyber security experience required • Minimum 1 year cyber security engineering experience required • Previous experience with security solutions such as DLP, EDR, PKI, Password/Secret management, SEIM & SOAR required. • Previous exposure to utilization of IP, TCP/IP, and other network administration protocols required • Previous exposure to utilization of Windows and Linux systems required • Previous experience with security incident response preferred
• Previous experience with SSPM (SaaS Security Posture Management) preferred
• Previous experience with SaaS hardening and configuration management preferred
Licenses/Certifications • Maintain a continuous personal professional development program; this level requires at least 1 cybersecurity certification and commitment to pursue additional cybersecurity certifications. Examples follow:
o CompTIA CySA+ (Cybersecurity Analyst): Validates skills in threat detection, analysis, and incident response. o CompTIA Security+: Establishes a strong foundation in core cybersecurity principles. o Certified Ethical Hacker (CEH): Demonstrates knowledge of attack methodologies and defensive countermeasures (Preferred), or equivalent foundational security certification.
Tools & Equipment • General Office Equipment


