IT Cloud Security Engineer

BJ's Wholesale Club
Apply for Job

Job Details

  • Location: Marlborough, MA, 01752
  • Date Posted: 2023-08-22
  • Employment Type: Full Time
  • Category: Engineering
  • Req Number: R122058
Apply for Job


Join our team of more than 34,000 team members, supporting our members and communities in our Club Support Center, 235+ clubs and eight distribution centers. BJ’s Wholesale Club offers a collaborative and inclusive environment where all team members can learn, grow and be their authentic selves. Together, we’re committed to providing outstanding service and convenience to our members, helping them save on the products and services they need for their families and homes.

The Benefits of working at BJ’s

•        BJ’s pays weekly

•        Generous time off programs to support busy lifestyles* 

                      o Vacation, Personal, Holiday, Sick, Bereavement Leave, Jury Duty

•        Benefit plans for your changing needs*

                      o Three medical plans**, Health Reimbursement Account (HRA), Health Savings  Account (HSA), two dental plans, flexible spending

*eligibility requirements vary by position

**medical plans vary by location

Job Summary

The Cloud Security Engineer will be the point person for Cloud Security team's AWS, Azure, GCP’s security architecture reviews and develop governance processes around cloud implementations with respect to security. You will be a key contributing member of the Cloud Security team, interfacing with other cloud engineers and utilizing the latest security best practices.

Responsibilities and Key Accountabilities

  • Security reviews for new products, technologies, and services
  • Secure design, architecture, and implementation
  • Influence decision-makers and stakeholders throughout the organization in multiple teams to achieve a consistently high security bar
  • Perform vulnerability assessments and prioritizing vulnerabilities remediation's.
  • Perform CDN (certs, security properties and DNS) configuration changes with Akami Technology portal
  • Create security guidance and documentation
  • Develop and deliver security training and outreach to internal development teams
  • Develop and improve metrics that drive desired behavior and security outcomes
  • Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership
  • Support for mentoring, team building and recruiting activities


  • 2-5 years’ experience with good cybersecurity knowledge and intermediate knowledge of cloud technologies.
  • Help with ensuring business continuity plans are tested and in place for all 24x7x365 global operations within Cloud Ops
  • Maintain a broad understanding of the various technologies utilized in BJ’s (AWS, Azure, and Google) environments
  • Hands-on scripting experience (Bash, Python, or other dynamic languages) with Unix/Linux OS or system administration experience.
  • Be familiar with shift-left approach terminology when it comes to secure coding.
  • Good understanding of Cloud Infrastructure and Architecture (Terraform, CloudFormation or Azure Resource Manager)
  • Good understanding of automation using AWS Cloud Formation, CloudTrail, GuardDuty, Config, Inspector, CloudWatch, IAM, or KMS and Container Security etc.
  • Experience with security related regulatory requirements, such as NIST, PCI and ISO 27001.
  • Strong familiarity with OWASP Top 10 web vulnerabilities and experience in driving remediation plan
  • Responsible for web application security including configuration of Web Application Firewalls (WAF) and other security tools.
  • Solid understanding of Secure SDLC and Integration of Application Security controls (e. g., static and dynamic scans, design and architecture reviews) into product development life cycle.
  • Familiar with containerization and orchestration technologies (Docker, Kubernetes highly preferred)
  • Hands-on technical expertise in technology automation, implementation, integration, and/or deployment
  • Self-motivated, ability to work independently and communicate complex technical security concepts in a comprehensible manner
  • Strong interpersonal and communication skills; ability to work in a team environment


Must Have:

  • AWS Certified Cloud Practitioner or Microsoft Certified:  Azure Fundamentals

Nice To Have (optional):

  • CISSP (Certified Information Systems Security Professional)
  • CCSP (Certified Cloud Security Professional)
  • AWS Certified Security – Specialty
  • AWS Certified Solutions Architect – Associate