Senior Security Analyst - APSEC/API Security

Looking to start an exciting new career? City Electric Supply offers excellent career opportunities for people who are friendly, motivated, and passionate about providing incredible customer service.

About City Electric Supply 

CES is a family-owned electrical wholesaler with the benefits of a worldwide service network and the personal service of a neighborhood store. Our "customer service first" core value has allowed us to grow continually for over 65 years while keeping our founding principle of empowering people to make local business decisions. CES now employs more than 7,400 people at over 1,000 branches world-wide of which there are over 500 branches across North America.  Our vision is to add 30-35 branches a year, while staying true to our Company values. 

About the role:

We are excited to be expanding our security team and with that we have a new open role for a Senior Security Analyst to work alongside a fantastic team. This position will focus on API Security. This position will help ensure that City Electric Supply is well positioned in terms of enterprise-class security standards and tools.

• Implement, optimize, and manage internal and external API penetration testing program.
• Manage third party API penetration tests.
• Internal and external penetration testing of applications, websites, with primary focus on API’s.
• Engagement with Devops for security best practices on secure API coding.
• Working with Devops to implement API monitoring and protection solutions.
• Create data reporting and recommendations for resolution/mitigation and engaging stakeholders.
• Engage on alerts from various security tools and performing forensics activity as well as correlation as warranted.
• Creating automation through various security systems such as for alerts.
• Creating custom detection rulesets.
• Lead and engage in incidents response driving to incident closure and recommending best practices to prevent future occurrence.
• Debrief stakeholders on assessments findings, provide remediation recommendations and assist with deployment of security best practices.
• Perform API architecture reviews.
• Engage stakeholders on new projects from a security perspective (such as deployment of a new product, new server builds where API’s are concerned etc.).
• Security technical assessment of all departments internal and external tools.
• Review of infrastructure from a security perspective such as and not limited to, firewall rules review, server builds, GPO’s review, MDM Policy, network architecture reviews etc.
• Stay updated on API OWASP Security Risks and taking appropriate measures.
• Optimization of security tools.
• Creation of dashboards for security related information.

• Science or Mathematics based degree.
• Relevant security certifications (Sans certifications, CEH, etc.).
• In-depth knowledge of securing applications, sites and API’s.
• Experience with Power BI.
• Ability to analyze network & web traffic (IDS/IPS, raw packets etc.).
• Experience with penetration testing tools.
• Implementation experience with API security tools.
• Self-motivated and able to work without high levels of supervision.
• Good organizational skills.
• Good attention to detail and a strong analytical mind.
• Ability to notice patterns within data.

• Advanced Degree in Science, Computer Science or another related technical/analytical field or equivalent on the job experience.
• Experience working with enterprise technology.
• Experience of working in a wholesale and manufacturing environment ideally within the Electrical Products Industry.
• Cloud security implementation and optimization experience.

• API security best practices and secure coding standards.

• Strong problem-solving and analytical thinking under pressure.
• Clear, concise communication of complex security topics to both technical and non-technical audiences.
• Ability to influence stakeholders and drive adoption of security best practices.
• Cross-functional collaboration with DevOps, engineering, and business teams.
• Effective prioritization and time management across multiple projects.
• Continuous learning mindset with commitment to staying current on security trends and technologies.
• Attention to detail while maintaining focus on strategic objectives.
• Initiative to proactively identify and address security risks before they escalate.

Physical Demands 

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  This position is very active and requires standing, walking, bending, kneeling, stooping, and climbing.  The employee must be able to lift and move items up to 50 pounds.   

Other Duties 

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice. 

EEO Statement 

We are an Equal Employment Opportunity employer committed to providing equal opportunity in all of our employment practices, including selection, hiring, assignment, re-assignment, promotion, transfer, compensation, discipline, and termination. The Company prohibits discrimination, harassment, and retaliation in employment based on race; color; religion; genetic information; national origin; sex (including same sex); sexual orientation; gender identity; pregnancy, childbirth, or related medical conditions; age; disability or handicap; citizenship status; service member status; or any other category protected by federal, state, or local law.  We support protected veterans and individuals with disabilities through our affirmative action program.

Attention Applicants

If you have a disability and need a reasonable accommodation to complete any part of the application process, or if you have difficulty accessing or using the online application process and need an alternative method, please contact us at [email protected] or 1-855-571-2477.

City Electric Supply is a drug free workplace. For further information about CES, visit our website at www.cityelectricsupply.com.

Considering applicants from the following states: AL,AZ,AR,CA,CO,DE,FL,GA,IL,IN,KS,KY,MD,MA,MI,MS,NV,NH,NJ,NC,OH,OK,PA,RI,SC,TN,TX,VA,WV,WI