SupplyHouse.com, a fast-growing and successful e-commerce company, is seeking a passionate and dedicated Security Engineer to join our IT Team! As a Security Engineer you will proactively identify vulnerabilities, respond to security incidents, and ensure compliance with industry regulations. This is a fantastic opportunity to make a meaningful impact by strengthening our IT infrastructure, applications, and data security while working alongside talented professionals who value teamwork and innovation. If you're excited about safeguarding cutting-edge technology and collaborating with a dynamic team, this role is for you!
This is a remote-based role within select states in the United States. At this time, we are only able to employ those located in the following states: Arizona, Delaware, Florida, Georgia, Nevada, New Jersey, New York, North Carolina, Ohio, Rhode Island, South Carolina, Tennessee, Texas, Virginia, and Washington.
This position will require travel to our NY office headquarters up to three times per year for internal meetings and team-building activities. The cost of travel for employees out of the area will be covered by the company. Additionally, our offices are always available for staff to use as much as desired.
A company laptop and other necessary equipment will be provided along with a $250 stipend for your work from home space.
Role Type: Full-Time, Exempt
Location: Remote (Arizona, Delaware, Florida, Georgia, Nevada, New Jersey, New York, North Carolina, Ohio, Rhode Island, South Carolina, Tennessee, Texas, Virginia, and Washington)
Schedule: Standard business hours are Monday – Friday, 8:00 a.m. – 5:00 p.m. EST. However, there is some flexibility as per our Flex-Time Policy.
Salary: $90,000 - $110,000 (annually)
Responsibilities:
- Security Design & Implementation:
- Design, configure, and implement security solutions to protect IT infrastructure, data, and applications
- Develop and enforce best practices for system configuration and data handling
- Harden systems and applications to minimize vulnerabilities and reduce attack surfaces
- Evaluate, test, and recommend security technologies to enhance overall defense capabilities
- Threat Monitoring & Incident Response:
- Monitor and manage firewalls, IDS/IPS, endpoint security, and SIEM tools
- Continuously analyze security threats, vulnerabilities, and risks
- Lead or assist in incident response activities, including forensic analysis and root cause assessments
- Perform regular penetration tests and red team exercises to assess security posture
- Compliance & Risk Management:
- Ensure compliance with regulatory frameworks such as GDPR, PCI DSS, and CCPA
- Develop and maintain security policies, procedures, and IT security architecture
- Manage vendor due diligence processes to ensure thorough vetting and risk mitigation
- Conduct security audits and firewall configuration reviews to align with industry standards
- Security Awareness & Training:
- Provide security training and awareness programs to mitigate threats like phishing and social engineering
- Design and facilitate cybersecurity tabletop exercises for threat response and crisis management
- Collaborate with IT, development, and operations teams to integrate security into the software development lifecycle (SDLC)
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field with 3+ years of experience in a cybersecurity-related role, OR a Master’s degree with 1+ year of experience
- Strong understanding of network security, cryptography, cloud security, and application security
- Proficiency with security protocols such as SSL/TLS, IPsec, and SSH
- Hands-on experience with security tools such as Wireshark, Nessus, Splunk, and Metasploit
- Familiarity with regulatory compliance frameworks (GDPR, PCI DSS, CCPA, etc.)
- Experience in incident response, forensic analysis, and threat intelligence
- Knowledge of security controls in Microsoft 365 and cloud platforms like GCP
- Ability to design and conduct cybersecurity tabletop exercises
- Strong analytical and problem-solving skills, with the ability to work under pressure
- Excellent communication skills, with the ability to explain technical security concepts to non-technical stakeholders
Preferred Qualifications:
- Relevant cybersecurity certifications (e.g., CISSP, CISM, CEH, CompTIA Security+)
Why work with us:
- We have awesome benefits – We offer 401k with company match, 100% company-paid medical insurance, optional dental and vision add-ons, life insurance, vacation, and sick days.
- We promote a work/life balance – We value your time! We encourage a healthy separation between your professional and personal life with our flex-time work policy and health & wellness initiatives that allow employees to feel refreshed and recharged.
- We support growth – We promote continuous learning and development through our on-the-job trainings, educational workshops, DEI initiatives, internal mobility opportunities, and professional development expense reimbursement program.
- We give back – We live and breathe our core value, generosity, by giving back to our local communities and to the heating, plumbing, and HVAC trades. We host donation drives, encourage our team members to nominate organizations, and donate to support the trades.
- We stay engaged – We maintain our company culture through promoting virtual events and annual in-person events. Look out for our End of Year Celebration, Summer Picnic, Core Values Celebrations, Employee Appreciation Day, optional virtual out-of-office monthly events, and more!
- We listen – We value hearing from our employees. Everyone at SupplyHouse has a voice and we encourage that they use it! We actively elicit feedback through our monthly town halls, regular 1:1 check-ins, and company-wide ideas form, and incorporate suggestions to ensure our team enjoys coming to work every day.
SupplyHouse.com strongly values inclusion and encourages individuals of all backgrounds and experiences to apply for this position.
What our employees are saying:
- “SupplyHouse is a great place to work. We witness GRIT here every day. People are respected, our ideas are always valued and encouraged, and teamwork is also a great quality in employees. Overall, we have amazing people here!" -Yash, IT Team
- "I appreciate that SupplyHouse.com values generosity and giving back to local communities. The company truly listens to its team members to gather feedback on which organizations and efforts we should be supporting. This excites not only myself, but my colleagues and throughout the year, we can look forward to a variety of philanthropic opportunities where we can get involved in helping organizations that matter to us.” -Anna, HR Team
Check us out! https://www.supplyhouse.com/our-company
Applicants must be currently authorized to work in the U.S. on a full-time basis. SupplyHouse.com will not sponsor applicants for work visas.
Remote employees are expected to work in a distraction-free environment. Personal devices, background noise, and other distractions should be kept to a minimum to avoid disrupting virtual meetings or business operations.
We are committed to providing a safe and secure work environment for our employees, customers, and partners. As part of this commitment, we conduct thorough background checks on all potential employees as part of our hiring process. Please note that the background check will be conducted in accordance with applicable laws and regulations.
All emails from the SupplyHouse team will only be sent from an @supplyhouse.com email address. Please exercise caution if you receive an email from an alternate domain such as @gmail.com, @hotmail.com, etc.
