POSITION SUMMARY:
The Cybersecurity Engineer II is a mid-level IT security staff grade within the information security framework. This role requires mid to high level experience in both IT security and Infrastructure operations and will have an extensive background in core security areas including secure design and engineering, security analysis, security tools, policy, investigative and preventative controls, vulnerability assessment, penetration testing, ethical hacking, audit and compliance, security in layers, and core security techniques. The CSE II will work closely with other security and operational team members to implement, maintain, and improve the security posture of the infrastructure. The CSE II is more independent than an CSE I and should be able to help lead two or more concurrent projects while serving as member for additional concurrent projects.
ESSENTIAL FUNCTIONS:
- Works more independently than an CSE I and is able to take lead on engagements
- Run multiple concurrent projects as lead infosec engineer
- Maintains and implements enhancements to current security management software and hardware devices including, but not limited to: EDR, SIEM, SOAR, XDR, ZTNA
- Provides input across multiple disciplines regarding new projects to ensure the security posture of the environment.
- Provides technical expertise and support to other IT Security team projects and troubleshooting.
- ALL OTHER DUTIES AS ASSIGNED
EXPERIENCE/QUALIFICATIONS:
Minimum Degree Required: Bachelor's Degree In Computer Information Systems
- Preferred Degree: Master's Degree In Computer Information Systems
- Certificate(s) or License(s) preferred: CISSP, CISM, CISA, GIAC, GSEC, CSSP, CCIE-Sec, CEH, PCI ISA, etc.
- Years of experience: 4-6 years; Multi-domain Security Experience, preferred
KNOWLEDGE, SKILLS, AND ABILITY:
- Must have knowledge in configuration, tuning, and administration of Endpoint Detection & Response (EDR) and Extended Detection & Response (XDR) platforms (e.g., CrowdStrike, Microsoft Defender, SentinelOne, Palo Alto Cortex).
- Possess hands-on knowledge of endpoint, identity, cloud, and log-based telemetry, including host-based sensors, process monitoring, file system activity, authentication logs, and API-based integrations across Windows, macOS, Linux, and cloud workloads.
- Strong understanding of detection engineering concepts, including behavioral detections, MITRE ATT&CK mapping, alert fidelity tuning, and false-positive reduction.
- Knowledge of encryption technologies and secure communications as they relate to endpoint agents, secure telemetry transmission, certificate-based authentication, and troubleshooting encrypted data flows.
- Working knowledge and exposure to SIEM and log management platforms (e.g., Splunk, Elastic, Microsoft Sentinel, CrowdStrike NG-SIEM), including log onboarding, parsing, normalization, correlation rules, dashboards, and retention strategies.
- Experience with SOAR platforms and automated response workflows (e.g., Palo Alto XSOAR, Splunk SOAR, Sentinel playbooks), including alert triage, enrichment, containment actions, and integration with ITSM and identity platforms.
- Knowledge of remote access, endpoint isolation, containment, and remediation techniques, including live response, host quarantine, process termination, and forensic artifact collection.
- Familiarity with endpoint and identity security controls, such as device control, attack surface reduction, application control, and identity-driven detections.
- Ability to work with small teams of high-performance professionals within direct or matrixed security operations, engineering, and incident response functions.
- Familiarity and experience developing, writing, and enhancing enterprise-grade security policies, standards, and procedures related to detection, response, incident handling, logging, and monitoring; demonstrated ability to assess current practices, identify gaps, and propose improved approaches.
TRAVEL REQUIREMENTS:
Minimal travel (<10%) with occasional travel to headquarters in Springfield for meetings
PHYSICAL REQUIREMENTS:
Regular sitting.
Occasional walking and standing.
INDEPENDENT JUDGEMENT:
Performs duties within scope of general company policies, procedures, and objectives. Analyzes problems and performs needs assessments. Uses judgment in adapting broad guidelines to achieve desired result. Regular exercise of independent judgment within accepted practices. Makes recommendations that affect policies, procedures, and practices.
Full Time Benefits Summary:
Enjoy discounts on retail merchandise, our restaurants, world-class resorts and conservation attractions!
- Medical
- Dental
- Vision
- Health Savings Account
- Flexible Spending Account
- Voluntary benefits
- 401k Retirement Savings
- Paid holidays
- Paid vacation
- Paid sick time
- Bass Pro Cares Fund
- And more!
Bass Pro Shops is an equal opportunity employer. Hiring decisions are administered without regard to race, color, creed, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, ancestry, citizenship status, disability, veteran status, genetic information, or any other basis protected by applicable federal, state or local law.
Reasonable Accommodations
Qualified individuals with known disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws.
If you need a reasonable accommodation for any part of the application process, please visit your nearest location or contact us at hrcompliance@basspro.com.