We’re looking for a Senior Security Engineer, focusing on Asset & Data Protection, to join our Cybersecurity Team. In this role, you’ll help us build and deliver scalable security services that will enhance and accelerate the security maturity of sweetgreen’s corporate, retail and customer-facing environments.

Our mission as the Cybersecurity Team is to protect the brand through protecting our people + processes, systems and data. To this end, you will lead key security transformation initiatives and work cross-functionally to build, scale and deploy security services which meet the current and future needs of our rapidly growing business.

You will:

• Design, implement, integrate, enhance and maintain security controls and services for retail networks, cloud infrastructure + platforms, and the software development lifecycle
• Partner closely with Security Operations, IT Operations, Retail Technology and Software Engineering Teams to enhance and accelerate Asset & Data Protection initiatives
• Configure and enhance identity and access management (IAM) systems in accordance with cybersecurity policies
• Enhance endpoint management & endpoint security capabilities including Unified Endpoint Management (UEM) and Endpoint Detection & Response (EDR) solutions
• Perform security design reviews and lead threat modeling activities for new implementations, integrations and significant changes
• Partner with the Software Engineering Team to deploy, operate, tune and enhance the Web Application Firewall (WAF)
• Expand and enhance Security Information & Event Management (SIEM) and Security Orchestration Automation & Response (SOAR) coverage across the enterprise
• Analyze logs and other security-related data sources and provide subject matter expertise in response to security incidents
• Develop technical design documents, reference architectures and re-usable security architecture patterns
• Develop and maintain security policies, procedures, and standards for infrastructure, platform, endpoint and application security

Desired experience + traits:

• 7 years of experience as a security engineer in a cloud-first environment
• Strong subject matter expertise in at least 3 of the following cybersecurity domains:
• Infrastructure & Cloud Security
• Identity & Access Management
• Endpoint Security
• Application Security
• Data Security
• Deep and broad understanding of cloud security, specifically with AWS
• Deep experience in deploying a Web Application Firewall (WAF)
• Deep experience in deploying Endpoint Detection & Response (EDR) solutions
• Deep understanding of network security segmentation & best practices
• Demonstrated knowledge of Zero Trust Architecture concepts and fundamentals
• Demonstrated ability scripting with languages such as Python, PowerShell & JavaScript
• Demonstrated ability to design and write code to deliver security automation solutions
• Experience with multiple query languages such as SQL and KQL
• Demonstrated skills in DevSecOps principals, tools and best practices
• Demonstrated knowledge of Infrastructure as Code (IaC) with AWS using Terraform
• Demonstrated knowledge of Container Security best practices
• Knowledge of common adversary tactics, techniques, and procedures (TTPs)
• Knowledge of application security best practices including OWASP and SANS/CWE
• Excellent written and oral communication skills

What you'll get:

• Highly competitive pay + bonus plan
• Three different medical plans to suit your and your family's needs
• Dental and Vision insurance
• Flexible PTO plan
• 401k program
• Employee HSA and FSA
• Complimentary greens
• An opportunity to make a real impact on the people around you, both by growing them and by connecting them to real food
• To live the sweetlife and celebrate your passion + purpose
• A collaborative team of people who live our core values and have your back
• A clear career path with opportunities for development, both personally and professionally
• Free sweetgreen swag

Come join the sweetlife!

About sweetgreen

sweetgreen is on a mission to build healthier communities by connecting people to real food. We passionately believe that real food should be convenient and accessible to everyone. Every day in each sweetgreen, our 3,500 team members make food from scratch, using fresh ingredients and produce delivered that morning. And in our local communities, we’re committed to leaving people better than we found them. We’re in the business of feeding people, and we’re out to change what that means.

sweetgreen provides equal opportunities for everyone that works for us and everyone that applies to join our team, without regard to sex or gender, gender identity, gender expression, age, race, religious creed, color, national origin, ancestry, pregnancy, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, any service, past, present, or future, in the uniformed services of the United States (military or veteran status), or any other consideration protected by federal, state, or local law.

sweetgreen participates in the federal government's E-Verify program to determine employment eligibility. To learn more about the E-Verify program, please click here.