Engineer Ii, Cybersecurity

Work Authorization: Applicants must be currently authorized to work in the United States on a full-time basis. This position will be the subject matter expert on all platforms that fall into the category of CarMax’s® assets to ensure the protection, integrity and confidentiality of customer, vendor, employee, and business information in compliance with organization policies and standards utilizing current information security technology disciplines and industry standards. This is a unique opportunity at a Fortune 500 company and national brand to expand and develop skills beyond current endpoint or network focus to a broader skill and toolset in the security program. This opportunity provides the ability to both lead implementation and improvements while also providing the opportunity for hands‑on operation across the full suite of security capabilities. The Cybersecurity Engineer performs all network and endpoint security activities necessary to ensure the safety of information systems assets and protects systems from intentional and inadvertent access or destruction under limited direction. This role interfaces with application, infrastructure, and network operations teams and develops the necessary procedures to maintain security and educates the user community. The Cybersecurity Engineer also provides metrics, status reports, and audit results for key stakeholders while driving improvements and program maturity. Desire to keep current with technology and client industry Implement, develop, operate, and improve Cybersecurity solutions Provide functional and technical expertise on projects that require Cybersecurity services Gather information from the business and IT department to develop security-related processes and procedures to continuously improve the security posture of CarMax Assist in driving tasks and projects to successful completion through effective project management, customer interaction, and IT coordination Effectively triage support problems and respond with the appropriate level of urgency Participate in a 24x7 on-call rotation as scheduled, and the ability to perform after hours support as needed QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Technical Qualifications Network security technologies: Firewalls, Proxies, Network Access Controls, Intrusion Detection, Intrusion Prevention, Routing Familiarity with identity concepts (Authentication, Authorization, and Governance), Data Loss Prevention, Secure coding and configuration standards Windows server and Linux Operating Systems Cloud technology (SaaS, IaaS, PaaS) Excellent analytical, troubleshooting, and problem‑solving skills and performs well in high pressure or stressful situations Excellent organization and time management skills Excellent communication skills to include, but not limited to, verbal and written communication; delivering organized presentations; able to tailor message to the audience; and facilitate group discussions with diplomacy and seek diverse opinions Ability to effectively estimate the efforts of others and the impact required to accomplish requested tasks/projects EDUCATION and/or EXPERIENCE 1-5 years of experience in information security operations Bachelor’s Degree in Computer Science, Engineering, Cybersecurity, or a related field or equivalent alternative education, skills, and/or practical experience is required. Certifications: CISSP, CISA, Security+, CCNA or CCNP Security preferred Work Location and Arrangement: This role will be based out of the Richmond, VA Technology Innovation Center and have a Hybrid work arrangement. #J-18808-Ljbffr