Real people. Real service.
At SupplyHouse.com, we value every individual team member and cultivate a community where people come first. Led by our core values of Generosity, Respect, Innovation, Teamwork, and GRIT, we’re dedicated to maintaining a supportive work environment that celebrates diversity and empowers everyone to reach their full potential. As an industry-leading e-commerce company specializing in HVAC, plumbing, heating, and electrical supplies since 2004, we strive to foster growth while providing the best possible experience for our customers.
We are looking for a Security Engineer to join our IT Team. This individual will report into our Security Architect and proactively identify vulnerabilities, respond to security incidents, and ensure compliance with industry regulations. This is a fantastic opportunity to make a meaningful impact by strengthening our IT infrastructure, applications, and data security while working alongside talented professionals who value teamwork and innovation. If you're excited about safeguarding cutting-edge technology and collaborating with a dynamic team, we’d love to hear from you!
This remote position is open to individuals who live in, or are open to relocating to, the following states: Arizona, Delaware, Florida, Georgia, Nevada, New Jersey, New York, North Carolina, Ohio, Rhode Island, South Carolina, Tennessee, Texas, Virginia, and Washington.
This position requires travel to our headquarters in Melville, NY 3 times per year for internal meetings and team building activities. We reimburse reasonable and necessary travel expenses, and you’re also welcome to work on-site anytime beyond these visits – our doors are always open.
Role Type: Full-Time, Exempt
Location: Remote
Schedule: Monday through Friday, 8:00 a.m. to 5:00 p.m. with time zone flexibility
Base Salary: $90,000 – $110,000 per year
Responsibilities:
-
Security Design & Implementation:
- Design, configure, and implement security solutions to protect IT infrastructure, data, and applications
- Develop and enforce best practices for system configuration and data handling
- Harden systems and applications to minimize vulnerabilities and reduce attack surfaces
- Evaluate, test, and recommend security technologies to enhance overall defense capabilities
-
Threat Monitoring & Incident Response:
- Monitor and manage firewalls, IDS/IPS, endpoint security, and SIEM tools
- Continuously analyze security threats, vulnerabilities, and risks
- Lead or assist in incident response activities, including forensic analysis and root cause assessments
- Perform regular penetration tests and red team exercises to assess security posture
-
Compliance & Risk Management:
- Ensure compliance with regulatory frameworks such as GDPR, PCI DSS, and CCPA
- Develop and maintain security policies, procedures, and IT security architecture
- Manage vendor due diligence processes to ensure thorough vetting and risk mitigation
- Conduct security audits and firewall configuration reviews to align with industry standards
-
Security Awareness & Training:
- Provide security training and awareness programs to mitigate threats like phishing and social engineering
- Design and facilitate cybersecurity tabletop exercises for threat response and crisis management
- Collaborate with IT, development, and operations teams to integrate security into the software development lifecycle (SDLC)
Requirements:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field with 3+ years of experience in a cybersecurity-related role, OR a Master’s degree with 1+ year of experience
- Strong understanding of network security, cryptography, cloud security, and application security
- Proficiency with security protocols such as SSL/TLS, IPsec, and SSH
- Hands-on experience with security tools such as Wireshark, Nessus, Splunk, and Metasploit
- Familiarity with regulatory compliance frameworks (GDPR, PCI DSS, CCPA, etc.)
- Experience in incident response, forensic analysis, and threat intelligence
- Knowledge of security controls in Microsoft 365 and cloud platforms like GCP
- Ability to design and conduct cybersecurity tabletop exercises
- Strong analytical and problem-solving skills, with the ability to work under pressure
- Excellent communication skills, with the ability to explain technical security concepts to non-technical stakeholders
Preferred Qualifications:
- Relevant cybersecurity certifications (e.g., CISSP, CISM, CEH, CompTIA Security+)
Why work with us:
-
We have awesome – We offer a wide variety of benefits to help support you and your loved ones. These include:
- Comprehensive and affordable medical, dental, vision, and voluntary life insurance options
- 401(k) with up to 4% company match
- Paid vacation, sick time, and holidays
- Company-paid basic life insurance and long-term disability
- Discounted auto, home, and pet insurance programs
- Flexible Spending Account (FSA)
- Confidential mental health, financial planning, and legal support through our Employee Assistance Program (EAP)
- Company-provided equipment and one-time $250 work from home stipend
- $750 annual professional development budget
- $25 monthly Grubhub credit
- Company rewards and recognition program
- And more!
-
We promote work-life balance – We value your time and encourage a healthy separation between your professional and personal life to feel refreshed and recharged. Look out for our wellness initiatives and ask about our Flex-Time Policy!
-
We support growth – We encourage you to embrace continuous learning and take on new challenges. In an exciting and evolving industry, we provide opportunities for career growth through our annual merit and bonus opportunities, hands-on training, diversity and inclusion initiatives, internal mobility options, and professional development budget.
-
We give back –We live and breathe our core value, Generosity, by giving back to the trades and organizations around the world. We make a difference through donation drives, employee-nominated contributions, support for non-profit organizations, Volunteer Paid Time Off, and more.
-
We listen –We value hearing from our employees. Everyone has a voice, and we encourage you to use it! We actively elicit feedback through our monthly town halls, regular 1:1 check-ins, employee listening initiatives, and company-wide ideas form to incorporate suggestions and ensure our team enjoys coming to work every day.
Check us out and learn more at: https://www.supplyhouse.com/our-company!
Additional Details:
- Remote employees are expected to work in a distraction-free environment. Personal devices, background noise, and other distractions should be kept to a minimum to avoid disrupting virtual meetings or business operations.
- Applicants must be currently authorized to work in the U.S. on a full-time basis. SupplyHouse.com will not sponsor applicants for work visas.
- com is an Equal Opportunity Employer. We welcome and encourage individuals of all backgrounds, experiences, and perspectives to apply. Employment decisions are based on qualifications, merit, and business needs.
- We are committed to providing a safe and secure work environment and conduct thorough background checks on all potential employees in accordance with applicable laws and regulations.
- All emails from the SupplyHouse team will only be sent from an @supplyhouse.com email address. Please exercise caution if you receive an email from an alternate domain.
