What are the responsibilities and job description for the IT Security Engineer, Architecture & Engineering (A&E) – Remote position at WebstaurantStore?
Job Summary
As the largest online distributor of restaurant supplies and equipment, WebstaurantStore, a Clark Associates company, hosts an expansive catalogue with over 430,000 products delivered through fast, dependable shipping, making us the internet’s largest restaurant supplier.
Our CAST (Clark Associates Security Team) is committed to maintaining the highest standards of security and integrity across our digital ecosystem.
We are seeking a Security Engineer to join our Architecture & Engineering (A&E) group. This role will focus on identity management, cloud security design, and secure configuration of enterprise systems, contributing to the design and implementation of scalable security controls across on-premises and cloud environments. The ideal candidate will have strong technical depth in cloud identity, access management, and automation, with lighter emphasis on traditional network and vulnerability scanning responsibilities.
Responsibilities
Identity and Access Management
This role does not require a degree. We value relevant skills and experience and alignment with our core values above all else.
Desired Traits & Skills
The foodservice professional’s premier source for restaurant equipment, supplies, and knowledge online. Our purpose is to empower and equip people to run their businesses more profitably and efficiently.
Benefits
As the largest online distributor of restaurant supplies and equipment, WebstaurantStore, a Clark Associates company, hosts an expansive catalogue with over 430,000 products delivered through fast, dependable shipping, making us the internet’s largest restaurant supplier.
Our CAST (Clark Associates Security Team) is committed to maintaining the highest standards of security and integrity across our digital ecosystem.
We are seeking a Security Engineer to join our Architecture & Engineering (A&E) group. This role will focus on identity management, cloud security design, and secure configuration of enterprise systems, contributing to the design and implementation of scalable security controls across on-premises and cloud environments. The ideal candidate will have strong technical depth in cloud identity, access management, and automation, with lighter emphasis on traditional network and vulnerability scanning responsibilities.
Responsibilities
Identity and Access Management
- Design, implement, and maintain secure identity solutions across Azure AD, Entra ID, and AWS IAM environments.
- Support integration of single sign-on (SSO), multifactor authentication (MFA), and conditional access policies.
- Collaborate with IT and application teams to strengthen least-privilege and role-based access models.
- Automate identity lifecycle management processes through scripting or identity governance solutions.
- Develop and implement cloud security architectures across Azure, AWS, and other environments.
- Configure and monitor cloud-native security tools (e.g., Azure Defender, AWS GuardDuty, CloudTrail, Security Hub).
- Support implementation of Zero Trust principles and infrastructure-as-code security.
- Partner with DevOps and engineering teams to embed secure configurations and CI/CD controls.
- Contribute to the design and documentation of enterprise security architectures, standards, and reference models.
- Integrate identity and cloud security solutions with broader systems such as SIEM, EDR, and DLP platforms.
- Review new technology and service implementations for alignment with security best practices.
- Assess technical designs for security gaps, providing actionable recommendations.
- Partner with other CAST domains to support incident response and forensic investigations when required.
- Support ongoing compliance with frameworks such as NIST CSF, CIS Controls, and ISO 27001.
- Research and recommend emerging identity and cloud security technologies.
- Participate in security architecture reviews and cross-functional projects to enhance defense-in-depth capabilities.
- Work is performed while sitting/standing and interfacing with a personal computer.
- Requires the ability to communicate effectively using speech, vision, and hearing.
- Requires the regular use of hands for simple grasping and fine manipulations.
- Requires occasional bending, squatting, crawling, climbing, and reaching.
- Requires the ability to occasionally lift, carry, push, or pull medium weights, up to 50lbs.
- Access to a reliable and secure high-speed internet connection. Cable or fiber internet connections (at least 75mbps download/10mbps upload) are preferred, as satellite connections often cannot support the technologies used to perform day-to-day tasks.
- Access to a home router and modem.
- A dedicated home office space that is noise- and distraction-free. The space should have strong wireless connection or a wired Ethernet connection (wired connection is preferred, if possible).
- A valid, physical address (apartment, suite, etc.). PO Boxes are not supported, as a physical address is required for you to receive your computer equipment.
- The desire and ability to work and communicate with other team members via chat, webcam, etc.
- Legal residents of one of the following states: (AK, AL, AR, AZ, CT, DE, FL, GA, IA, ID, IN, KS, KY, LA, MD, ME, MI, MN, MO, MS, NC, ND, NH, NM, NV, OH, OK, PA, SC, SD, TN, TX, UT, VA, VT, WI, WV, or WY). H-1B Visa Sponsorship Not Available, W2 only.
- 3 years in IT security engineering, architecture, or identity management.
- Hands-on experience with Azure AD/Entra ID, AWS IAM, or Okta identity management solutions.
- Strong understanding of cloud security frameworks and controls (NIST, CIS Benchmarks, Zero Trust).
- Familiarity with scripting or automation (PowerShell, Python, Terraform, or Ansible).
- Experience with security monitoring or logging tools (e.g., Sentinel, GuardDuty, Splunk) is a plus.
- Relevant certifications such as Microsoft Security Engineer (SC-100/200), CCSP, or CISSP preferred.
This role does not require a degree. We value relevant skills and experience and alignment with our core values above all else.
Desired Traits & Skills
- Effective Communication: Able to explain complex security concepts to diverse audiences.
- Technical Expertise: Strong foundation in cloud and identity security design.
- Collaboration: Works effectively with IT, engineering, and DevOps partners.
- Adaptability: Stays current with evolving cloud and IAM technologies.
- Analytical Mindset: Strong problem-solving skills with an architecture-first approach.
The foodservice professional’s premier source for restaurant equipment, supplies, and knowledge online. Our purpose is to empower and equip people to run their businesses more profitably and efficiently.
Benefits
- Medical
- Vision
- Dental
- PTO
- Paid Maternity Leave
- Paid Parental Leave
- Life Insurance
- Disability
- Dependent Care FSA
- 401(k) matching
- Employee Assistance Program
- Wellness Incentives
- Company Discounts
- AT&T & Verizon Discount
- Bonus Opportunities
- Accident Insurance
- Critical Illness Insurance
- Adoption Assistance
- On-Site Fitness Centers
- Dog-friendly Offices
