Apply on Employer Site

TJX Europe · 2 months ago

Senior Staff Cybersecurity Threat Analyst - Cyber Incident Response - Remote US Available

United States

Full-time

Remote

Senior Level, Lead/Staff

$125K/yr - $162K/yr

7+ years exp

TJX Europe is a Fortune 100 company and the world’s leading off-price retailer. The Cyber Incident Response team prepares TJX to respond rapidly to critical security incidents, and as a Senior Staff Threat Analyst, you will lead investigations into complex cyber threats and communicate technical risks to stakeholders.

Retail

Responsibilities

Collaborate with cross-functional teams to improve cybersecurity posture

Actively participate in responding to emerging and active threats

Recognizes and analyzes trends to make recommendations on optimizing processes, alerts, tools, and platforms

Defines and executes assigned projects, including contributing towards the development and dissemination of Tabletop Exercises (TTXs)

Able to create and execute short to medium term strategies focuses on exposure and incident response capabilities

Mentor and train junior and mid-level analysts in advanced analytical techniques

Accurately document findings and provide suggested remediations with appropriate justifications

Present findings to technical audiences as well as senior leaders

Qualification

Incident ResponseThreat DefenseCybersecurity FrameworksThreat IntelligenceScripting LanguagesCyber Operations ToolsSecurity CertificationsCommunication SkillsMentoring SkillsCollaboration Skills

Required

7+ years of Incident Response, Security Operations, Threat Defense, Threat Hunt, Adversary Emulation (e.g., Red, Blue, Purple Teaming), and/or Disaster Recovery and Business Continuity experience in an enterprise setting

Bachelor's Degree or equivalent experience in Cyber Security, Information Technology, Information Assurance, or a related field

Strong experience designing, planning, implementing and executing incident response efforts across a variety of technologies and services including Web, mobile, network, IoT and Cloud

Familiarity with the NIST Cyber Security Framework (CSF), common security controls and their purposes, and technologies that supply those controls

Familiarity with using the MITRE ATT&CK and MITRE D3FEND frameworks to evaluate and enhance strategies against cyber threats

Experience with Threat Intelligence activities for enriching cyber operations data analysis and response

Experience with scripting languages such as python and PowerShell

Experience coaching and teaching junior associates

Experience drafting reports for audiences that include both executive leadership and technical security engineers/analysts

Ability to collaborate, influence and coach a geographically distributed work group; and strong relationship management skills to include stakeholders, and holding team members across multiple levels accountable for commitments

Highly developed verbal and written communication skills (including an excellent ability to brief) at multiple levels, from analysts to executives; Ability to work up and down the organization; and the ability to influence others to achieve results through building & maintaining partnerships

Ability to work effectively in a fast paced, demanding and fluid environment, remaining calm under pressure, and demonstrating excellent conflict management skills

Preferred

Expert knowledge of Incident Response and Incident Command methodologies within cybersecurity and a global enterprise environment

Expert knowledge in modern Cyber Operations tools, platforms, and analysis (i.e., SOAR, SIEM, and sources of security data)

Security certifications relating to Defensive Security (i.e. CISSP, CISA, CISM, GCIH, GCFA, etc.)

Strong understanding of working as part of an internal Cybersecurity organization

Strong ability to develop advanced knowledge in specific fields and services, and to share insights and lessons learned to further enhance organizational preparedness