Senior Information Security Analyst

Kohl's Digital Center South, Milpitas, CA With a $1 billion dollar investment in cutting-edge technology over the next 3 years,  continuous innovation coupled with best in class information security technologies that protect millions of families we call customers is at the heart of everything that we do.  Join our Cyber Security team and see what it's like to work for the most engaging retailer in the world.  We offer flexible schedules (including work from home opportunities), clear career paths, autonomy, and opportunities to work with the newest technologies including Cloud Security Tools.   

What Will You Be Doing?

Kohl's seeks a highly motivated and passionate Security Engineer with a focus on Software and Application Security. This Information Security professional will create, maintain, and improve practices within our Software Development Life Cycle.  As a member of Information Security's Software Security Group, you will provide support for Software Architecture reviews, Security Testing, Code Scans/Reviews, Training, DevSecOps, and create processes that are consumable and scalable for the business.  This team is responsible for Software Security throughout the enterprise.

Have fun doing it!


More on the Day to Day: 

Proactively maintains information security policies to protect the integrity of the organization's networks, systems, applications and data

  • Direct experience with secure application development and application security risk mitigation techniques--knowledge of the common application layer vulnerabilities and the ability to explain these risks to developers
  • Proactively monitors, evaluates, and maintains systems and procedures that safeguard internal information systems, networks, databases, and Web-based security; makes recommendations to enhance systems
  • Recommends and implements changes to enhance systems security and prevent unauthorized access
  • Identify opportunities for developer training
  • Identifying or defining needed internal standards & frameworks
  • Monitors and researches new and emerging threats to preemptively eliminate the possibility of system breach; stays current on information security websites
  • Executes software, hardware and service evaluations
  • Participates in security audits and security risk assessments
  • Assess and communicate security risks to the organization
  • Evaluate and implement measures to determine compliance with regulations and privacy laws
  • Effectively communicate security issues with developers and business leaders
  • Rapidly assimilate business strategies and apply creative problem solving solution
  • Provide guidance to the Security Testing team to evaluate defect risks and severity
  • Proficient in the following areas: code review, static testing, dynamic testing, and/or application penetration testing
  • Knowledgeable in network/application penetration tools. Participate in Red/Purple Team exercises.



What We're Looking For: 
  • required
    • 5+ years of technology security experience
    • Bachelors degree or equivalent
    • Solid technology background with the ability to challenge or validate technology decisions from a position of knowledge and experience
    • Scripting knowledge in JavaScript/Python
    • 1+ years Java coding
    • Good understanding of software architecture
    • Highly-motivated, self-driven personality
  • preferred
    • Bachelor's Degree in MIS, Computer Science (or related field) or equivalent in Information Security
    • 5+ years of experience securing large enterprise applications
    • Exposure to cloud-based applications/architecture is a plus
    • 3+ years Java/JavaScript/Python
    • Retail experience

Back to top