Cyber Security Engineer III (Threat Detection)
Address: 104 WILMOT RD, DEERFIELD, IL, 60015-05121-01104-2
Job ID 1515652BR
Ready to impact the next generation of healthcare technology, products and services? When you join us, your work will set the standards for database platform deployment and shape our solutions for the future. It’s an opportunity to reimagine the way we support our nearly 9,000 pharmacy-led health and well-being retail stores worldwide and our entire organization.
Success Profile
What makes a great technical architect at Walgreens? We’re always looking for that special something – those qualities that set a Walgreens team member apart from the rest. Take a look and see how you match up.
- Analytical
- Collaborative
- Insightful
- Logical
- Problem Solver
- Technologically Savvy
Responsible for developing and tuning SIEM and SOAR use cases for threat detection within the company environment. This role will support the incident response and cyber threat intelligence team.
Job Responsibilities
- Responsible for complex configuration, documentation, and maintenance of some of the organization’s information security architecture.
- Leads in designing, building, operating and automating key information security solutions and processes to protect the integrity of the organization's digital network, systems, applications and data.
- Consults with internal development teams to identify threats, advise on defensive coding strategies and remediate vulnerabilities in software. Meets and evangelizes with internal business partners and customers to develop information security requirements and conduct risk assessments.
- Provides technical leadership on security projects to solve challenging security problems.
- Participates in security risk analyses and reviews of third-party software, service providers and contracts.
- Stays current on evolving security and legislative / regulatory changes related to security.
- Proactively assesses potential items of risk and opportunities of vulnerabilities in the network and systems.
- Participates in developing technical / business approaches and new or enhanced technical tools. Has advanced in-depth knowledge of advanced security protocols and standards, vulnerability assessment tools, packet analyzers and security management suites, penetration testing tools and countermeasures and mitigation techniques applied to web applications.
- Ensures that threats and vulnerabilities to the organization’s business systems and applications (both in-house and cloud-based) are minimized.
- Installs & configures firewalls, intrusion detection systems, anti-virus software, and vulnerability scanning systems.
- Manages encryption protocols to protect the organization's data as well as management of authentication and access controls.
- Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes.
- Monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing.
About Walgreens and WBA
Walgreens (www.walgreens.com) is included in the U.S. Retail Pharmacy and U.S. Healthcare segments of Walgreens Boots Alliance, Inc. (Nasdaq: WBA), an integrated healthcare, pharmacy and retail leader with a 170-year heritage of caring for communities. WBA’s purpose is to create more joyful lives through better health. Operating nearly 9,000 retail locations across America, Puerto Rico and the U.S. Virgin Islands, Walgreens is proud to be a neighborhood health destination serving nearly 10 million customers each day. Walgreens pharmacists play a critical role in the U.S. healthcare system by providing a wide range of pharmacy and healthcare services, including those that drive equitable access to care for the nation’s medically underserved populations. To best meet the needs of customers and patients, Walgreens offers a true omnichannel experience, with fully integrated physical and digital platforms supported by the latest technology to deliver high-quality products and services in communities nationwide.
The actual salary an employee can expect to receive, plus bonus pursuant to the terms of any bonus plan if applicable, will depend on experience, seniority, geographic location, and other factors permitted by law. To review benefits, please visit jobs.walgreens.com/benefits.
"An Equal Opportunity Employer, including disability/veterans".
Basic Qualifications
- Bachelor’s degree and at least 4 years of experience in IT Security OR High School/GED and at least 7 years of experience in IT Security
- At least 2 years of experience working with security protocols and standards, vulnerability assessment tools, packet analyzers, scripting languages and security management suites, penetration testing tools and countermeasures and mitigation techniques applied to web applications.
- Experience with security engineering, identity engineering, security applications engineering and/or security infrastructure engineering.
- Experience establishing & maintaining relationships with individuals at all levels of the organization, in the business community & with vendors.
- Experience with modern scripting languages and applicable application protocols and APIs.
- At least 2 years of experience contributing to financial decisions in the workplace.
- At least 2 years of direct leadership, indirect leadership and/or cross-functional team leadership.
- Willing to travel up to/at least 10% of the time for business purposes (within state and out of state).
Preferred Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Advanced degree (e.g., Master’s in Cybersecurity) is a plus.
- Equivalent work experience with demonstrated expertise in detection engineering and incident response.
- Advanced proficiency in scripting/programming languages such as Python, PowerShell, or Go for automation and custom tooling.
- Extensive experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, ELK/Elastic Stack, QRadar) including rule creation, alert tuning, and data onboarding.
- Experience in building and optimizing detection and response workflows, including automation through SOAR (Security Orchestration, Automation, and Response) platforms.
- Proficiency in Endpoint Detection and Response (EDR) tools and Threat Hunting platforms such as CrowdStrike, Microsoft Defender, Carbon Black, and SentinelOne.
- Familiarity with cloud environments (e.g., AWS, Azure, GCP) and cloud-native security tools.
- Expertise in developing advanced detection use cases using frameworks like MITRE ATT&CK, Cyber Kill Chain, and Diamond Model of Intrusion Analysis.
- Strong background in threat intelligence integration and operationalization of threat feeds.
- Proven leadership skills, mentoring junior team members and leading projects or initiatives.
- Excellent written and verbal communication skills to prepare detailed reports and briefings for technical and executive audiences.
- Strong organizational and project management abilities to handle multiple priorities effectively.
- Ability to conduct post-incident reviews and develop strategies for reducing risk exposure.
Salary Range $127500 - $204000 / Salaried
Benefits
- Health, dental and vision
- 401(k), Profit-Sharing and Employee Stock Purchase Programs
- PTO
- Onsite fitness center and health center
- Work & life resources
- Employee discount