Company Background:

Genuine Parts Company (“GPC” or the “Company”) founded in 1928 and based in Atlanta, Georgia, is a leading distributor of automotive and industrial replacement parts and value-added services. The Company operates a global portfolio of businesses with more than 10,000 locations across the world. GPC has approximately 50,000 global employees. The Company has operations in the United States, Canada, Mexico, Australia, New Zealand, Indonesia, Singapore, France, the U.K., Germany, Poland, the Netherlands, Belgium, Spain and China.

Position Purpose:

The Security Engineer conducts security-related assessments as part of Genuine Parts Company (GPC) North America Information Security program and processes. The security team is the primary point of contact for all security emergencies, incidents, and projects. The Security Engineer will be responsible for coordinating and communicating a timely and appropriate response impacting the GPC customers and all relevant stakeholders they are assigned to.

Responsibilities

• Focus on cyber security of assigned areas
• Act as a technical hands-on team member for Security Engineering/Operational Projects
• Assist Cyber Management in all security incidents and subsequent reporting
• Assess and modify procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification, or destruction
• May create writeups and/or technical briefings on security issues
• Ensures compliance with organizational security rules and standards
• Prioritize remediation of gaps based on internal and external audits
• Assist with monitoring and auditing of information systems activities and systems to confirm information security policy compliance and provide management with security policy compliance assessments and system monitoring reports
• Work with stakeholders to provide security solutions that support their business requirements
• Identify, develop, and implement mechanisms to detect security incidents in order to enhance compliance with and support of security standards and procedures in place
• Conduct security risk assessments on new products and systems, periodic security risk assessments on existing systems and identify and/or recommend appropriate security countermeasures and best practices
• Respond to discovered security incidents by informing appropriate custodians, determining root cause, and identifying and executing remedial actions (if necessary) required to re-establish respective information system security
• Coordinate activities or engagements with loss prevention, interact with legal and law enforcement as required
• Other duties as assigned

Location:

• GPC has two work locations to choose from, Duluth or Atlanta office.
• We offer a Flexible Work Policy that permits eligible employees to work remotely

Desired Qualifications & Experiences:

• Bachelor’s degree in Computer Science, Engineering, or related discipline preferred
• Preferred certifications: CISSP, GSEC, Security+, CySA+, etc.
• Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone
• Strong analytical, technical, and problem-solving skills
• Ability to work effectively, independent of assistance or supervision
• Innovative, creative, and extremely responsive, with a strong sense of urgency
• Willing to share knowledge and assist others in understanding technical and business topics
• Willingness to work outside of regular business hours as required which can include evenings, weekends and holidays
• Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
• Working knowledge of protocols and technologies such as TCP, UDP, SSL/TLS, SFTP, SMTP, DNS, DHCP.
• Ability to interpret information security data and processes to identify potential compliance issues
• Ability to quickly understand security systems to identify and validate security requirements

Preferred skills and capabilities:

• Experience with performing vulnerability scans and assessments as well as computer forensics
• Familiarity with Governance Risk and Compliance models
• Security Information and Event Management experience (SIEM)
• A solid understanding of various firewalls, with actual experience in design, installation, configuration, and operation
• Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment
• Ability to perform network protocol analysis and raw data capture
• A solid understanding and knowledge of LDAP
• Self-motivated, self-directed, and shows attention to detail while working
• Works ethically and with integrity supporting organizational goals and values
• Displays commitment to excellence
• Completes work in a timely manner and meets deadlines
• Contributes to building a positive team spirit and treats others with respect
• Maintains confidentiality of the information and uses information appropriately
• Exhibits sound judgment when making decisions and recommendations
• Fosters collaboration toward a common vision and shared goals