Our vision at petco is healthier pets.
happier people.
better world.
we're making things better for pets, people, and the
planet through our think adoption first philosophy, the petco
foundation, and other important initiatives that focus on putting
animals first, educating pet parents, and reducing our carbon
footprint.
the journey starts with knowledgeable, passionately
engaged associates who are proud to recommend petco as a place to
work, who believe in our vision and who are committed to delivering
a superior customer experience.from our retail stores and our
network of distribution centers to our corporate offices, you'll
work with others who share your values and commitment.
we seek
individuals who are passionate about animal welfare, have great
people skills and are driven to grow and advance in their careers
with us.
our ongoing growth is creating exceptional opportunities
for professional development and personal enrichment throughout our
organization.role overviewwe are looking for a hands-on security
engineer to lead vulnerability management and pki operations within
the information security operations team.
this role will own
vulnerability scanning across our data center, endpoint, and cloud
vm environments and drive remediation through partnerships with
infrastructure teams.
in addition, the role will oversee the
lifecycle of public-facing ssl/tls certificates and contribute to
automation and process maturity around pki.the ideal candidate
brings experience managing tenable or similar platforms,
understands patching cycles across hybrid infrastructure, and is
well-versed in certificate management using tools like sectigo or
digicert.
a working understanding of internal ca/pki principles is
a plus.responsibilitiesvulnerability management· own day-to-day
operation of the tenable platform: scan schedule, tagging, health
checks, credential management and reporting.· drive remediation of
vulnerabilities by partnering with infrastructure teams.· supports
the end-to-end vulnerability process, including reporting of
vulnerabilities and escalation of critical vulnerabilities.·
document security guidance, process and policy around the
vulnerability management program.· coordinate monthly patch
guidance and vulnerability meetings for on-prem and cloud teams.·
maintain scan health and results from vulnerability management
platforms.· oversee asv (approved scanning vendor) scans for pci
compliance:· conduct network and web application scans.· validate
and submit quarterly asv reports, including dispute documentation
for false positives or out-of-scope findings.· manage remediation
and tracking for eol (end-of-life) systems across on-prem and cloud
environments.pki & certificate management· maintain certificate
manager:o oversee certificate lifecycle, including expiration
review, issuance, renewals, and support requests.o automate
certificate management processes where possible.· process public
ssl certificate requests via servicenow.· perform monthly audits of
cert expiration and maintain active monitoring of managed certs.·
support certificate issuance from digicert (e.g., verified mark
certificates).· possess working knowledge of internal ca security
best practices; may contribute to internal ca
processes.qualifications· 3+ years of experience in it security or
infrastructure with a focus on vulnerability and certificate
management.· hands-on experience with tenable, qualys, or similar
vulnerability management platforms.· experience managing ssl/tls
certificates via sectigo, digicert, or similar certificate
lifecycle platforms.· solid understanding of vulnerability
prioritization, remediation workflows, and patch cycles across
on-prem and cloud systems.· working knowledge of internal pki/ca
principles and public key infrastructure best practices.·
familiarity with pci dss asv requirements and scan
dispute/resubmission processes.· ability to work cross-functionally
and lead vulnerability remediation efforts with distributed teams.·
strong documentation, communication, and coordination
skills.preferred skills· experience with external attack surface
management tools.· understanding of eol system risk, tracking, and
remediation coordination.· security certifications such as
security+, cysa+, cissp, or giac gsec, crisc, etc.· bachelor's
degree in cybersecurity, information technology, or related
field.