Lead Cybersecurity Engineer

Overview

Chick-fil-A is looking for a Lead Cybersecurity Engineer to safeguard our vertical business lines and international restaurants (entities).

In this role you'll design and implement cutting-edge security solutions, collaborating with talented teams to protect our systems from evolving cyber threats. This role offers the opportunity to shape cybersecurity strategies, solve complex challenges, and make a real impact on a global scale. If you're a passionate cybersecurity professional who thrives in a fast-paced, innovative environment, we encourage you to apply and experience the Chick-fil-A culture.

This role is based in Atlanta, GA. For candidates that do not live in the Atlanta metropolitan area, Chick-fil-A offers a full relocation policy.

Our Flexible Future model offers a healthy mix of working in person and virtually, strengthening key elements of the Chick-fil-A culture by fostering collaboration and community.

Responsibilities

Security Engineering

• Design, implement, and maintain security solutions to address vulnerabilities and risks within our systems, with a specific focus on Chick-fil-A's entities.
• Develop and enforce technical security standards, patterns, and best practices to establish and maintain a consistent and robust security posture across the organization.
• Proactively identify and address security gaps in existing systems and architectures, recommending and implementing enhancements to strengthen our overall security posture.
• Conduct comprehensive threat modeling exercises to identify potential vulnerabilities and recommend countermeasures, contributing to the overall resilience of our systems.
• Stay abreast of emerging threats and vulnerabilities, researching and recommending proactive security measures to mitigate potential risks.

• Collaborate closely with development teams to champion security best practices throughout the software development lifecycle, fostering a culture of security by design.
• Partner with cross-functional teams to translate strategic security objectives into actionable plans with defined metrics, timelines, and ownership. Drive progress, track key results, and ensure timely completion of initiatives.
• Proactively engage with teams across the organization to understand their unique security needs and tailor solutions to mitigate their specific risks.

• Transform cybersecurity objectives into measurable action plans, driving execution, tracking progress, and ensuring successful completion.
• Regularly report on security posture, initiatives, and key metrics to management, providing actionable insights and recommendations.
• Contribute to the development and maintenance of security documentation, including policies, procedures, and technical guides.
• Effectively communicate complex security concepts to both technical and non-technical audiences, ensuring clear understanding and buy-in from stakeholders.
• Lead by example to instill a culture of growth, trust, and transparent communication.

• Strong understanding of cybersecurity principles.
• Strong understanding of cloud service providers (prefer AWS).
• Strong understanding of computer network principles.
• Strong understanding of identity and access management principles.
• Strong understanding of cybersecurity engineering best practices.

• Programming experience in a modern software development language.
• Proficiency in various AWS cloud services and security in the cloud
• Technical risk assessment and mitigation planning.
• Strong problem-solving and analytical skills.
• Excellent verbal and written communication skills.
• Collaboration and teamwork skills.

• Ability to design, implement, and improve cybersecurity solutions.
• Ability to analyze and respond to security threats and incidents effectively.
• Ability to identify and analyze potential methods of attack.
• Ability to balance cybersecurity initiatives with business priorities.
• Ability to quickly learn new technologies and architectures.

• Experience in one or more of the following roles: Cybersecurity Architect, Cybersecurity Engineer, Cybersecurity Consultant
• Cybersecurity Certifications (e.g. OSCP, GSEC, CEH, CISSP, Security+, AWS Security Specialty)