Lead Security Analyst, Threat Operations
Location: Anywhere
Reynoldsburg, OH
Job Description:
Qualifications:
• 5 years of experience in information security and/or incident response
• Demonstrable practical and relevant technological breadth and depth across network, application, cloud, and database technology security
• Broad and deep understanding of information security controls, how controls are used to detect and respond to events and incidents, how controls impact the business, and how control gaps can be mitigated/remediated
• Experience working in omni-channel global retail organizations
• Security expertise in one or more of the following areas: cloud, application, network, endpoint, data, Identity and Access Management (IDAM), Operational Technology (OT), Incident Response
• Experience in identifying and integrating information security requirements into project deliverables and documenting designs for implementation
• Interpersonally skilled, team oriented, credible, ethical, approachable, and trustworthy
• Analytical, organized, and decisive, with an action-oriented mindset to solve problems
• Innovative, with the ability to deliver creative solutions that meet the business objectives
• Ability to handle multiple priorities in a fast-paced environment with compressed timelines
• Balanced in ability to assess/evaluate/prioritize Threat Operations needs and requirements on any size project and to offer solutions while advancing the business's overall objectives
• Collaborative style with ability to share perspective in simple, relevant terms to influence action and drive results
• Experience and demonstrable ability to deliver results in an iterative and agile operating model
• Bachelor's Degree in Information Technology/Information Security

Responsibilities:
• Member of the Cybersecurity team responsible for protecting confidentiality, integrity, and availability of information and technology assets
• Ensure information security operations requirements are defined and documented for project initiatives as well as for current/in-use technologies
• SCOPE: Stores, Direct, Mobile, Infrastructure people, process, and technology (hardware and software) for both internal and external/cloud solutions
• Contribute technical content to information security policies and standards based on functional area of responsibility within the Cybersecurity team
• Provide technical process and technology information security expertise, as needed, with business partners as innovative ideas are generated
• Review, design, and assess architecture of current and future Threat Operations technologies. This includes logging/monitoring, SIEM, EDR, threat intelligence, threat hunting, deception technology, and attack surface management
• Determine security requirements that consider regulatory drivers and business risk
• Review, design, and assess technical architecture and processes to ensure information security requirements are documented and delivered on projects and initiatives
• Collaborate with the security architecture team on initiatives involving innovation pilots and proofs of concept that face customers, stores, direct, or corporate systems
• Technical resource for the Cybersecurity team to define technical aspects of Cybersecurity regulatory assessment obligations (e.g., HIPAA, GDPR, Enterprise Security Assessment, Vendor Security Assessments, PCI, CCPA)
• Engage as needed and based on technical expertise to support security incidents and breaches