Back to search
EILEEN FISHER, INC. Linkedin · Posted 5d ago

Sr. Security Engineer (Hybrid in Irvington, NY)

Irvington, New York, United States

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Job Description

**This is a hybrid role with 1-2 days/week in the office in Irvington, NY. We are seeking candidates who will not require sponsorship now or in the future**

We are seeking a Senior IT Security Engineer to serve as the primary owner of information security across EILEEN FISHER’s entire technology landscape. This is a hands-on leadership role responsible for managing all aspects of IT security—from PCI-DSS compliance and IT governance to WAF management, e-commerce protection, and safeguarding the systems and devices used by employees across retail, corporate, and remote environments. The ideal candidate is a seasoned security professional who can operate independently, build and mature a security program, and serve as the go-to expert for all security matters within the organization.

Summary of Duties and Responsibilities:

PCI-DSS & Compliance Ownership

  • Own end-to-end PCI-DSS compliance across all retail point-of-sale, e-commerce, and payment processing environments
  • Lead annual PCI assessments, QSA engagements, and remediation tracking to ensure continuous compliance
  • Maintain and enforce the cardholder data environment (CDE) scope, segmentation, and documentation
  • Coordinate PCI evidence collection, SAQ/ROC preparation, and audit readiness across all relevant systems

IT Governance & Security Program Management

  • Develop, implement, and continuously improve IT security policies, standards, and procedures aligned with business strategy and frameworks (NIST CSF, CIS Controls, ISO 27001)
  • Lead the annual enterprise risk assessment process, tracking findings and driving remediation to closure
  • Establish and report on security KPIs and metrics to IT leadership and the executive team
  • Own the security technology roadmap and prioritize investments in tools, controls, and capabilities

WAF & E-Commerce Security

  • Serve as the primary owner of the organization’s WAF provider relationship—managing configuration, tuning, rule sets, and escalations to protect e-commerce and customer-facing platforms
  • Monitor and respond to WAF alerts, DDoS events, bot activity, and web application threats
  • Secure payment gateways, APIs, and customer data flows in alignment with PCI-DSS and OWASP best practices
  • Partner with the e-commerce and development teams to embed security into the SDLC and deployment workflows

Employee & Endpoint Security

  • Oversee endpoint protection across all employee devices, including corporate laptops, retail POS terminals, and mobile devices
  • Manage email security, IAM, SSO/MFA (Okta, Azure AD), and privileged access controls
  • Design and deliver security awareness training to protect employees from phishing, social engineering, and insider threats
  • Enforce policies for secure remote work, BYOD, and store-level IT environments

Security Operations

  • Direct day-to-day security operations including network monitoring, SIEM management, IDS/IPS, vulnerability scanning, and patch management
  • Supervise incident response activities from detection through post-incident review and lessons learned
  • Manage certificate lifecycle, sensitive data handling, and encryption standards (TLS/SSL, PKI, key management)
  • Conduct and coordinate penetration testing and vulnerability management programs, tracking remediation to resolution

Cloud & Infrastructure Security

  • Own security controls across cloud environments (AWS, Azure) including IAM, security groups, logging, and compliance tooling
  • Collaborate with IT infrastructure teams to harden systems, enforce least-privilege, and maintain secure baselines
  • Ensure secure configurations for SaaS applications, APIs, and third-party integrations

Required Skills

PERFORMS OTHER RELATED DUTIES AND ASSIGNMENTS AS REQUIRED.

Education: Bachelors degree in Computer Science or equivalent experience.

  • 7+ years of progressive IT security experience, with at least 3 years in a senior or lead security role
  • Demonstrated end-to-end ownership of PCI-DSS compliance—including QSA engagement, CDE scoping, SAQ/ROC preparation, and continuous compliance across retail POS and e-commerce channels
  • Hands-on experience managing WAF platforms (e.g., Cloudflare, Imperva, Akamai, AWS WAF) including rule tuning, alert response, and vendor relationship management
  • Experience securing e-commerce environments: payment gateways, APIs, and customer data in alignment with PCI-DSS and OWASP Top 10
  • Proven experience building and managing IT governance programs—policies, risk assessments, KPIs, and security roadmaps
  • Ability to manage security across a distributed workforce including retail stores, corporate offices, and remote employees
  • Experience with cloud security across AWS and/or Azure (IAM, security groups, logging, Microsoft Defender, Azure Defender)
  • Strong knowledge of identity and access management (IAM), SSO/MFA (Okta, Azure AD/Entra ID), and privileged access controls
  • Experience with SIEM platforms, IDS/IPS, endpoint detection & response (EDR), and vulnerability management tools
  • Strong understanding of encryption, TLS/SSL, PKI, and key management
  • Scripting/automation skills in Python, Bash, or PowerShell
  • Excellent communication skills with the ability to present security risk to executive and non-technical audiences
  • Industry certifications preferred: CISSP, CISM, PCI-ISA/QSA, or equivalent

The salary range for this position is $120,000 - 135,000/year depending on relevant experience. We offer a competitive total package, including health benefits, generous paid time off, wellness reimbursement, etc.

EILEEN FISHER, Inc. is an equal-opportunity employer and is committed to providing a workplace free from harassment and discrimination. We are committed to recruiting, hiring, training and promoting qualified people of all backgrounds, and make all employment decisions without regard to any protected status.

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent