Information Security Engineer

At Brookshire Grocery Company (BGC), we’re not just about business—we’re about building a community where you can thrive. Based in Tyler, Texas, BGC is home to five unique banners—Brookshire's Grocery Company, Super 1 Foods, Spring Market, Fresh by Brookshire's, and Reasor's—operating over 215 + stores across Texas, Louisiana, Arkansas, and Oklahoma.We’re all about creating a workplace where you can thrive. At BGC, youmatter, your contributions are celebrated, and your future is unlimited. Whether you're launching your career or ready to level up, you’ll find a supportive team, endless growth opportunities, and a chance to make an impact.Here’s what sets us apart:

• Wellness that works for you: Comprehensive medical, vision, dental, and prescription coverage.
• Flexibility and freedom: Paid time off to relax, recharge, and enjoy life.
• Ownership that empowers: 401(k) plan to help you build a solid future that the Company contributes to.
• Savings for your lifestyle: Exclusive employee discounts on the things you need most.
• Investing in your dreams: Scholarships and educational support to fuel your growth.
• Adventure awaits: Access to a 205-acre outdoor recreation area for unwinding, connecting, and having fun.

When you join BGC, you’re not just starting a job—you’re becoming part of something bigger. We’re here to support your goals, inspire your journey, and celebrate your wins.

Job Summary:

Supports the planning, coordination, design, implementation, and maintenance of enterprise information security solutions to ensure Company assets are secure and adhere to security best practices. Performs research, provides guidance on enhancement suggestions to the information security team, and adheres to established security standards. Identifies existing or potential measures to eliminate or mitigate risks to the enterprise while improving the effectiveness and efficiency of the team.

Essential Duties and Responsibilities:

• Understands, interprets, and applies security standards, frameworks, compliance requirements, and comprehensive architecture principles to recommend solutions that meet regulatory, business continuity, and security scalable needs.
• Provides subject matter expertise on basic security architecture, authentication, and system security.
• Assists as a security lead and subject matter expert (SME) on business projects to gather security requirements needed to design, build, document, support, and transfer knowledge on security permissions, roles, rules, and configuration to ensure adherence to company and security standards.
• Collaborates with external vendors to plan and deploy solutions, resolve issues, and implement basic enhancements.
• Researches, plans, designs, and supports solutions that will advance security, such as multi-factor authentication, password less authentication, zero trust networking, cloud security architecture, PKI, authorization tokens, identity governance, and data automation.
• Supports the implementation of technical capabilities with application integrations to enhance security risk posture, including identity, Privileged Access, and Data Governance solutions.
• Assists in building new APIs (Application Programming Interfaces), services, and frameworks.
• Analyzes security systems and seeks improvements on a continuous basis.
• Fosters a continuous learning mindset to stay updated on emerging threats and technologies.
• Reports existing or possible threats to systems and company assets and researches recommendations to eliminate, remediate, or mitigate them.
• Assists in developing security best practices, documenting security standards, and making decisions regarding enterprise security.
• Develops and maintains detailed and accurate documentation.
• Assists in building expertly planned and detailed project plans to be used to communicate key milestones, deliverables, and progress visibility for management.
• Educates the business community and promotes security awareness on standards and procedures necessary to protect Company assets.
• Responds to after business hour phone calls and resolves problems as needed.

Knowledge, Skills and Abilities:

• Advanced knowledge of multiple information security specialty areas with cross-functional experience.
• Advanced knowledge of Microsoft Office applications including Excel, Access, Word, Outlook, and PowerPoint.
• Advanced knowledge of SAP reporting and transactional applications.
• Advanced knowledge and understanding of regulatory requirements and security frameworks, such as HIPAA, PCI DSS, NIST, and ISO.
• Advanced technical aptitude to quickly learn new technologies, systems, methods, and processes.
• Basic knowledge of application security provisioning and governance technologies, authentication protocols (e.g., OAuth, SAML), cloud security services, LDAP (Lightweight Directory Access Protocol), and domain structures.
• Ability to strategically assess cybersecurity challenges and tactically design and implement effective security solutions.
• Ability to work independently and as part of a team in a rapidly changing environment, prioritizing tasks, and supporting multiple projects simultaneously.
• Ability to analyze technical information, research information, establish facts, and draw valid conclusions.
• Ability to maintain confidentiality regarding sensitive information.
• Ability to work on-call and flexible schedules including nights, weekends, and holidays.
• Ability to communicate effectively in written and verbal form, including facilitating productive meetings, leading discussions, and driving consensus with technical and non-technical stakeholders to effectively convey and collaborate on security concepts.
• Ability to comprehend and interpret information.
• Ability to prepare reports and business correspondence.
• Ability to reason, form concepts, and recognize and solve problems.
• Ability to multi-task, organize, and plan work independently.
• Ability to work in a rapidly changing environment.
• Ability to develop and deliver technical presentations, architecture diagrams, and detailed reports that communicate complex security concepts effectively to technical and non-technical audiences.
• Ability to work on-call and flexible schedules including nights, weekends, and holidays.
• Must be attentive to potential hazards and remedy or place appropriate warning signs or devices around or near the hazard as soon as is reasonably possible.
• Must report any potential hazards that cannot be immediately remedied to a supervisor.

Education, Experience and Qualifications:

• Bachelor’s Degree in Computer Science, Information Security, or other technology field with five years of experience in Information Security and eight years of experience in Information Technology; or an equivalent combination of experience and/or higher education (2x the experience listed above if non-degreed) required. 
• Professional Security and Project Management certifications (e.g. PMP, CISSP, CISM, CEH, GIAC) preferred.
• Progressive experience in designing and implementing security solutions required.
• Partners must be 21 years of age or older to drive for Company business in accordance with the BGC Business Driver Policy.

Physical Demands:

• Continuously required to use close vision, distance vision, depth perception or the ability to focus.
• Frequently required to talk and hear.
• Frequently required to use hands for reaching, touching or handling.
• Frequently required to use fine finger movements (ex. sorting and typing).
• Frequently required to sit for long periods of time.
• Occasionally required to push, pull, maneuver or lift objects up to 40 lbs.
• Occasionally required to bend, kneel or squat.
• Occasionally required to stand or walk.
• Attendance at work is required.

Work Context and Environment:

• Work is generally performed in an office environment.
• Quiet to moderate noise level.

Ready to find your place? BGC is “A Career Where You Belong.”Brookshire Grocery Company strives to provide a safe, drugand alcohol-free environment for its partners and customers. The Company is an Equal Opportunity Employer and makes employment decisions without regard to race, color, religion, sex (including pregnancy, gender identity and sexual orientation), national origin, age , disability, genetic information or military status and any other trait protected by law.