About Us

2009 marks the 25th anniversary of BJ's Wholesale Club, which first introduced the warehouse club concept to the northeastern U.S. in 1984. Since then, we have expanded north to Maine, south to Florida and west into Ohio, today operating 180 Clubs in 15 states.

• BJ's had an annual sales of 9.8 billion in 2008
• #269 on the 2009 Fortune 500 list
• Opening 6-8 new clubs in 2009
• Employ more than 22,000 team members

BJ's is dedicated to providing Members with top-quality brand-name merchandise at prices significantly lower than supermarkets, supercenters, department stores, drug stores and specialty stores.

Job Description

Senior Information Security Engineer

Responsibilities:

Use current information security technology disciplines and industry standards to ensure confidentiality, integrity and availability of BJ’s information assets.  Provide strong expertise in Information Security support including compliance driven initiatives.  Will deliver “hands-on" security engineering expertise in information security disciplines in support of the BJ's Environment.  Stay abreast of security trends and new technologies that will enhance BJ’s current and future data security architecture.  Perform security related service and process assessments and evaluations based on NIST, ISO and ITIL standards and guidelines for all Business Plan initiatives across multiple distributed platforms and legacy Mainframe.  Responsible for security components throughout systems development lifecycle including requirements definition, proposal development, functional, non-functional, technical design, vendor analysis and selection, construction and testing with strong disciplines in application security, database security, risk identification, enterprise wide encryption: VPN technologies such as PKI, IKE, IPSEC, SSL/HTTPS  and digital certificate management.  Utilize information security tools to identify potential threats, vulnerabilities and respond to security violations. Participate in IT security audit activities both internal and external, ensuring compliance to Federal regulations, Sarbanes-Oxley, Data Privacy acts and Payment Card Industry standards.  Provide subject matter expertise and effective communications across all members of IT, our business partners and the outsourced global 3^rd party security operations center providing timely collection and dissemination of information.  Management and maintenance of security related procedures and documentation.  Coordinate and monitor security operations and reporting requests with 3^rd party security services provider.  Perform additional responsibilities as assigned.

Requirements:

A minimum of 2 (two) years experience is required within an Information Technology organization, with a concentration on Information Security and IT audit experience based on ISO-27002, CobiT and ITIL.  A CISSP certification is required.  A Bachelors degree in Computer Science or related field is preferred but equivalent work experience will be considered.  In depth knowledge of information security practices relating to PCI, SOX, application security and PII data protection is essential.  Experience working Encryption, Internet Security, Network Access Control, Data Leakage Prevention, Security Configurations and Risk Assessment plus proven skills with tools and techniques used to provide security controls and monitoring required.  Direct experience with Information Security at the enterprise level is desired...  Strong communication and customer service skills are essential.  Must have good Microsoft Office skills, including Excel, Word, PowerPoint, Visio, and Access. 

At BJ's, we value diversity in our organization, and we are an equal employment opportunity employer.