Sr Analyst, Cybersecurity
- Employer
- Neiman Marcus
- Location
- Irving, Texas, United States
- Closing date
- 27 Oct 2022
View more
- Function
- Technology
- Level
- Senior Manager
You need to sign in or create an account to save a job.
Summary of Responsibilities:
The Sr. Analyst, Cybersecurity is responsible for the planning, implementation, and maintenance of cyber security controls and technologies within the organization. The activities include selection, implementation and maintenance of a multitude of cyber security platforms and technologies. Additionally, the individual will work directly with the outsourced SOC team to continue the improvement of logging and monitoring systems, to review alerts and notifications and other threat intelligence from the industry and to lead and oversee security incidents and other remediation activities.
The Sr. Analyst is also responsible for partnering with the security and compliance organizations to make recommendations on technology and controls to achieve a higher maturity level within the organization. The role will be responsible for defining, implementing, and maintaining the security standards for the organization.
Essential Functions:
Requirements:
The ideal candidate will possess the following:
Technical Knowledge:
Work Environment Characteristics:
The Sr. Analyst, Cybersecurity is responsible for the planning, implementation, and maintenance of cyber security controls and technologies within the organization. The activities include selection, implementation and maintenance of a multitude of cyber security platforms and technologies. Additionally, the individual will work directly with the outsourced SOC team to continue the improvement of logging and monitoring systems, to review alerts and notifications and other threat intelligence from the industry and to lead and oversee security incidents and other remediation activities.
The Sr. Analyst is also responsible for partnering with the security and compliance organizations to make recommendations on technology and controls to achieve a higher maturity level within the organization. The role will be responsible for defining, implementing, and maintaining the security standards for the organization.
Essential Functions:
- Cloud Security - Design, build and maintain security controls within the organization's cloud environments running in AWS and GCP
- Security Tools - Utilize the security tools within the organization such as Proofpoint, CrowdStrike, Centrify, Ivanti etc to enhance the security posture of the organization
- Change Requests - Evaluate and approve privileged access and firewall change requests within the organization to ensure the request is in line with the organization's standards
- Technology Selection - Partner with the vendor management office to perform evaluations of new vendors and tools within the organization to ensure proper risk mitigation
- Security Standards - Create or review the organization standards to ensure security practices are clearly outlined for the organization
- Incident Response - Partners with the security operations staff to assist with incident response. This will include evaluation of risk to the environment based upon information gathered from the security tools of the organization
- Threat Intelligence - Monitor threat intelligence reports to determine relevant threats to the organization. Run and analyze vulnerability scans of the applications and infrastructure and make recommendations on remediations
Requirements:
The ideal candidate will possess the following:
- Bachelor's degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering or related field(s). This is a must. Candidates without a Bachelor's degree need not apply
- 5 years of experience in the areas of Information Technology or Information Security
- CISSP is mandatory. Candidates without CISSP need not apply. Other certifications preferred. AWS certifications are a huge plus.
Technical Knowledge:
- The candidates MUST possess a strong working knowledge of:
- End point security solutions, IDS/IPS, Firewalls, Web Application Gateways, Logging and Monitoring (ex. Splunk), mail gateways, vulnerability management systems (ex. Rapid 7, Nessus, Qualys)
- Control frameworks and control objectives (ex NIST CSF, PCI-DSS etc)
- Cloud Computing (AWS, GCP, Azure)
- Operating systems, databases and middleware components
- Working knowledge of hardening standards for operating systems etc
Work Environment Characteristics:
- Self-motivated and results-oriented, including ability to prioritize conflicting demands.
- Exceptional organizational skills to balance work and lead projects.
- Strong verbal and written skills.
- Candidate must be outgoing and service oriented
- Candidate must be able to build consensus, collaborate and build strong relationships with a variety of internal and external stakeholders (business, development, compliance, etc.)
- Ability to adapt and apply information to new scenarios and technologies.
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.
Create alert