TJX Senior Cyber Defense Analyst - IT Security in Marlborough, Massachusetts
Senior Cyber Defense Analyst - IT SecurityApply now »
Start apply with LinkedIn
- Start apply with Xing
- Apply Now
Date:Oct 17, 2019
Location:Marlborough, MA, US
Company:TJX Companies, Inc.
Discovery is at the heart of everything we do. Wherever you find us around the world, if you can think of a product, you can probably find it in our stores, which include TJ Maxx, Marshalls, HomeGoods, Sierra, Winners, Homesense, and TK Maxx. With variety comes plenty of happy surprises—our environment is ever-changing, and that’s just how we like it. Every day is an opportunity to discover something new about our business, our partnerships and even something exciting about yourself. Ready to Discover Different?
Posting Notes: Marlborough || MA
Cyber Defense Analyst – Security Analyst III
The Cyber Defense Analyst is a senior individual contributor responsible for identifying and handling security incidents at TJX. The ideal person in this role brings experience in identifying network and endpoint intrusions, as well as experience handling security incidents.
In addition to responding to structured alerts the SOC incident coordinator will triage events escalated by the level 1 team and coordinate incident response procedures. This role must be able to solve moderately complex problems independently and know when to escalate issues to a senior analyst or management. The individual will work with multiple technology platforms and interface with other groups within IT Security Operations, offshore partners, and other technology and business functions. Additional responsibilities include training of global team, maintaining IR runbooks for 24/7 monitoring, develop executive IR summaries and tracking KPI.
Level 2/3 Intrusion Detection System monitoring
Level 2/3 Network Security alert monitoring and triage
In-depth analysis of exploit attempts
Intermediate/advance malware analysis
Security incident handling
Mentor junior analysts to develop security skillset
Develop standard operating procedures and response plans
Day-to-day oversight of security monitoring program
Maintain triage runbooks for global security monitoring team
Stay up to date with current security vulnerabilities and attacks
Interfaces with user community and assists with IT security needs and projects
Ensures that the user community understands and adheres to necessary procedures to maintain security
Performs root cause analysis of low to moderately complex security issues and determines the best course of action to remedy the problem
Performs procedures of up to high complexity necessary to ensure the ongoing core objectives of IT Security
Performs basic to complex security reviews to ensure compliance with internal security standards and regulatory requirements
Recommends new policies and procedures to management and has wide latitude to devise on the best course of action for new procedures
Recommends course of action for low to moderately complex situations
Performs other duties as required
Intermediate-level understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, and Incident Management
5 Years in IT Security environment or equivalent
2-3 Years of SOC or Incident Response experience
A moderate understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
Demonstrated knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the company and its objectives
Strong written and verbal communication skills
Intermediate knowledge of tools and products used in day-to-day performance of job responsibilities (e.g., Sourcefire, SIEM)
Excellent aptitude for problem solving and IT Security
Familiar with IT Regulations, PCI/Sarbanes-Oxley/Mass Privacy laws
Bachelor's Degree or equivalent experience
Relevant industry certification a preferred (GCIA, GCIH, GREM, GCFA, CEH)
An ideal candidate will be active in the threat intelligence community, and be able to apply that knowledge to design the enterprise’s security posture by developing custom ArcSight and Splunk content based on threat intelligence. You will be required to work closely with the various internal service towers as well as application security teams on design, content, facilitating the use of the system and support the SOC and their security incident identification processes and escalation workflow.
Additional responsibilities include:
Threat intelligence gathering.
Correlation rules created basic on the threat intelligence gathered.
On-board threat feeds onto the ArcSight and Splunk platforms.
Handle escalations for active incidents.
Service reporting and regular customer meetings.
Come Discover Different at TJX. From opportunity and teamwork to growth, we think you’ll find that it’s so much more than a job. When you’re a part of our global TJX family, you have the full support of a diverse, close-knit group of people dedicated to finding great deals and fantastic style. Best of all? They have a lot of fun doing it.
We care about our culture, but we also prioritize the tangible stuff (Competitive salaries: check. Solid benefits: check. Plenty of room for advancement: of course). It’s our way of empowering you to make your career here.
We consider all applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, gender identity and expression, marital or military status. We also provide reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law.
Posting Notes: Marlborough || MA
Nearest Major Market:BostonJob Segment:Corporate Security, Law, Compliance, Network Security, Security, Legal