Security Engineer II, Attack Surface Management
About The Position
As an Attack Surface Management Security Engineer II, you’ll identify, analyze and reduce technical risks. You’ll partner closely with security, IT and business teams to turn vulnerability and configuration data into clear, actionable insights that protect critical systems and processes. In this role, you’ll lead initiatives, influence risk decisions and help mature our attack surface management capabilities at scale. This is an opportunity to combine deep technical expertise with strong communication and leadership impact. This role is hybrid, which means you will work some days at our corporate office in Richfield, Minnesota, and some days virtually from home or another non-Best Buy location. The specific work arrangements vary by role and team. The recruiter or hiring manager will provide more details during the hiring process.
Requirements
- 4 years of demonstrated experience in vulnerability management and IT patching—this may include professional experience and applicable personal or hands on technical experience
- 4 years of experience in information technology, information security or a related field
- 2 years of experience working with Windows, Linux, Unix and/or mobile platforms
- 2 years of experience with information security concepts, network architecture, hardware and software troubleshooting, and vulnerability/configuration management, etc.
- 1 year experience supporting cloud based or containerized environments
- 1 year experience with application level vulnerability management
- Strong written and verbal communication skills
Nice To Haves
- Experience with secure systems configuration management
- Background in designing, improving, or re engineering IT or security processes
- Familiarity with vulnerability scanning tools and risk reporting
Responsibilities
- Analyze vulnerability and configuration risk data to assess business impact and prioritize remediation efforts
- Partner cross functionally to investigate findings and drive effective risk response
- Lead continuous improvement initiatives to mature technical risk management processes
- Develop clear, executive level reporting and dashboards that communicate risk posture
- Train and mentor analysts on tools, methodologies and standard operating procedures
- Identify recurring trends, systemic weaknesses and opportunities for operational improvement
- Create or revise process documents/SOPs utilized by internal teams
- Develop and maintain operational metrics and reporting
Benefits
- Competitive pay
- Generous employee discount
- Financial savings and retirement resources
- Support for your physical and mental well-being
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
