Information Security Engineer
Posting Date: Aug 2, 2025
Location: Tyler, TX
Company: Brookshire Grocery Company
Brookshire Grocery Company (BGC) is a family business based in Tyler, Texas, and currently operates more than 205 stores in four states – Texas, Louisiana, Arkansas, and Oklahoma – with three distribution centers and a corporate office. BGC prides itself on offering its partners one of the most comprehensive benefits packages in the industry which includes medical, prescription drug, vision, dental, paid time off, stock ownership, a 401k retirement plan, incentive plans, employee discounts, educational scholarships, and access to BGC’s 205-acre outdoor recreation area.
Job Summary
Supports the planning, coordination, design, implementation, and maintenance of enterprise information security solutions to ensure Company assets are secure and adhere to security best practices. Contributes to strategic security initiatives, conducts thorough research, guides the Information Security team with enhancement recommendations, enforces security standards, and develops measures to mitigate risks. Focuses on continuous improvement to enhance the effectiveness and efficiency of security processes.
Essential Duties and Responsibilities
- Understands, interprets, and applies security standards, frameworks, compliance requirements, and comprehensive architecture principles to recommend solutions that meet regulatory, business continuity, and security scalable needs.
• Provides in-depth subject matter expertise on advanced security architecture, authentication, and system security.
• Serves as a security lead and subject matter expert (SME) on business projects to gather security requirements needed to design, build, document, support, and transfer knowledge on security permissions, roles, rules, and configuration to ensure adherence to company and security standards.
• Collaborates with external vendors to plan and deploy solutions, resolve issues, and implement enhancements, ensuring high quality service delivery.
• Researches, plans, designs, and builds solutions that will advance security, such as multi-factor authentication, password less authentication, zero trust networking, cloud security architecture, PKI, authorization tokens, identity governance, and data automation.
• Implements technical capabilities with application integrations to enhance security risk posture, including identity, Privileged Access, and Data Governance solutions.
• Builds new APIs (Application Programming Interfaces), services, and frameworks.
• Analyzes security systems and seeks improvements on a continuous basis.
• Fosters a continuous learning mindset to stay updated on emerging threats and technologies.
• Reports existing or possible threats to systems and company assets and researches recommendations to eliminate, remediate, or mitigate them.
• Provides direction and assists in developing security best practices, documenting security standards, and making decisions regarding enterprise security.
• Develops and maintains detailed and accurate documentation for complex security systems and processes, ensuring accuracy and clarity.
• Builds expertly planned and detailed project plans to be used to communicate key milestones, deliverables, and progress visibility for management.
• Assist with leading initiatives to educate the business community and promote security awareness on standards and procedures necessary to protect Company assets.
• Provides technical guidance to team members to support the design, implementation, and optimization of advanced security architectures and solutions, ensuring alignment with organizational needs and adherence to industry best practices.
• Responds to after business hour phone calls and resolves problems as needed.
Knowledge, Skills and Abilities
- Advanced knowledge multiple information security specialty areas with substantial cross-functional experience.
• Advanced knowledge of Microsoft Office applications including Excel, Access, Word, Outlook, and PowerPoint.
• Advanced knowledge of application security provisioning and governance technologies, authentication protocols (e.g., OAuth, SAML), cloud security services, LDAP, and domain structures.
• Advanced knowledge of SAP reporting and transactional applications.
• Advanced knowledge and understanding of relevant regulatory requirements and security frameworks, such as HIPAA, PCI DSS, NIST, and ISO.
• Advanced technical aptitude to quickly learn new technologies, systems, methods, and processes.
• Advanced ability to analyze complex technical information, research information, establish facts, and draw valid conclusions.
• Ability to strategically assess cybersecurity challenges and tactically design and implement effective security solutions.
• Ability to work independently and as part of a team in a rapidly changing environment, prioritizing tasks, and supporting multiple projects simultaneously.
• Ability to maintain confidentiality regarding sensitive information.
• Ability to comprehend and interpret information.
• Ability to prepare reports and business correspondence.
• Ability to reason, form concepts, and recognize and solve problems.
• Ability to multi-task, organize, and plan work independently.
• Ability to communicate effectively in written and verbal form, including facilitating productive meetings, leading discussions, and driving consensus with technical and non-technical stakeholders to effectively convey and collaborate on security concepts.
• Ability to work in a rapidly changing environment.
• Ability to develop and deliver advanced technical presentations, architecture diagrams, and detailed reports that communicate complex security concepts effectively to technical and non-technical audiences.
• Ability to work on-call and flexible schedules including nights, weekends, and holidays.
• Must be attentive to potential hazards and remedy or place appropriate warning signs or devices around or near the hazard as soon as is reasonably possible.
• Must report any potential hazards that cannot be immediately remedied to a supervisor.
Education, Experience, and Qualifications
- Bachelor’s Degree in Computer Science, Information Security, or other technology field with eight years of experience in Information Security and twelve years of experience in Information Technology; or an equivalent combination of experience and/or higher education (2x the experience listed above if non-degreed) required.
• Professional Security and Project Management certifications (e.g. PMP, CISSP, CISM, CEH, GIAC) preferred.
• Advanced experience in designing and implementing security solutions required.
• Partners must be 21 years of age or older to drive for Company business in accordance with the BGC Business Driver Policy.
Physical Demands
- Continuously required to use close vision, distance vision, depth perception or the ability to focus.
- Frequently required to talk and hear.
- Frequently required to use fine finger movements (ex. sorting and typing).
- Frequently required to sit for long periods of time.
- Occasionally required to use hands for reaching, touching or handling.
- Occasionally required to push, pull, maneuver or lift objects up to 40 lbs.
- Occasionally required to bend, kneel or squat.
- Occasionally required to stand or walk.
- Attendance at work is required.
Work Context and Environment
- Work is generally performed in an office environment.
- Quiet to moderate noise level.
Brookshire Grocery Company strives to provide a safe, drug free and alcohol-free environment for its partners and guests. The Company is an Equal Opportunity Employer and makes employment decisions without regard to race, color, religion, sex (including pregnancy, gender identity and sexual orientation), national origin, age (40 or older), disability, genetic information or military status and any other trait protected by law.
Nearest Major Market: Tyler