Senior Staff Cybersecurity Threat Analyst - Cyber Incident Response - Remote US Available

About the position The Cyber Incident Response (CIR) team prepares TJX to respond rapidly to critical security incidents; contain, eradicate, and recover through incident command management. This team of highly specialized subject matter experts defends the TJX environment through detail-oriented analysis, thoroughness, partnership, and communications across all levels and teams throughout the business. Our approach to incident management aligns with NIST industry recommendations for containment, eradication, and recovery processes while also allowing the breadth and depth of analysis, forensic investigation, and stakeholder engagement. By working closely with teams across TJX, we perform technical root cause analysis across a spectrum of potential threats and assist with the remediation and restoration of business operations. As a Senior Staff Threat Analyst, you will play an integral role in leading investigations into complex cyber threats, alerts, and vulnerabilities. This includes analyzing attack vectors, determining potential root causes, and documenting accurate, thorough incident reports. Beyond technical skills, you will need to use strong communication and inter-personal skills to communicate technical risks in accurate non-technical terms to stakeholder teams throughout the business.

Responsibilities

• Collaborate with cross-functional teams to improve cybersecurity posture.
• Actively participate in responding to emerging and active threats.
• Recognizes and analyzes trends to make recommendations on optimizing processes, alerts, tools, and platforms.
• Defines and executes assigned projects, including contributing towards the development and dissemination of Tabletop Exercises (TTXs).
• Able to create and execute short to medium term strategies focuses on exposure and incident response capabilities.
• Mentor and train junior and mid-level analysts in advanced analytical techniques.
• Accurately document findings and provide suggested remediations with appropriate justifications.
• Present findings to technical audiences as well as senior leaders.

Requirements

• 7+ years of Incident Response, Security Operations, Threat Defense, Threat Hunt, Adversary Emulation (e.g., Red, Blue, Purple Teaming), and/or Disaster Recovery and Business Continuity experience in an enterprise setting.
• Bachelor’s Degree or equivalent experience in Cyber Security, Information Technology, Information Assurance, or a related field.
• Strong experience designing, planning, implementing and executing incident response efforts across a variety of technologies and services including Web, mobile, network, IoT and Cloud.
• Familiarity with the NIST Cyber Security Framework (CSF), common security controls and their purposes, and technologies that supply those controls.
• Familiarity with using the MITRE ATT&CK and MITRE D3FEND frameworks to evaluate and enhance strategies against cyber threats.
• Experience with Threat Intelligence activities for enriching cyber operations data analysis and response.
• Experience with scripting languages such as python and PowerShell.
• Experience coaching and teaching junior associates.
• Experience drafting reports for audiences that include both executive leadership and technical security engineers/analysts.
• Ability to collaborate, influence and coach a geographically distributed work group; and strong relationship management skills to include stakeholders, and holding team members across multiple levels accountable for commitments.
• Highly developed verbal and written communication skills (including an excellent ability to brief) at multiple levels, from analysts to executives; Ability to work up and down the organization; and the ability to influence others to achieve results through building & maintaining partnerships.
• Ability to work effectively in a fast paced, demanding and fluid environment, remaining calm under pressure, and demonstrating excellent conflict management skills.

Nice-to-haves

• Expert knowledge of Incident Response and Incident Command methodologies within cybersecurity and a global enterprise environment.
• Expert knowledge in modern Cyber Operations tools, platforms, and analysis (i.e., SOAR, SIEM, and sources of security data).
• Security certifications relating to Defensive Security (i.e. CISSP, CISA, CISM, GCIH, GCFA, etc.).
• Strong understanding of working as part of an internal Cybersecurity organization.
• Strong ability to develop advanced knowledge in specific fields and services, and to share insights and lessons learned to further enhance organizational preparedness.

Benefits

• Associate discount
• 401(k) match
• medical/dental/vision
• HSA
• health care FSA
• life insurance
• short/long-term disability
• paid holidays/vacation /sick/bereavement/parental leave
• EAP
• incentive programs for management
• auto/home insurance discounts
• tuition reimbursement
• scholarship program
• adoption/surrogacy assistance
• smoking cessation
• child care/cell phone discounts
• pet/legal insurance
• credit union
• referral bonuses

Apply tot his job Apply To this Job