Apply on Employer Site

Victoria’s Secret & Co. · 8 hours ago

Senior Security Analyst - Architecture

United States

Full-time

Remote

Mid, Senior Level

$96K/yr - $132K/yr

5+ years exp

Victoria’s Secret & Co. is a world-leading specialty retail brand recognized globally for innovation and excellence in lingerie and fashion. They are seeking a Senior Security Analyst to translate enterprise security standards into actionable technical controls and processes, ensuring the security integrity of technology solutions throughout project phases. The role involves conducting security assessments, developing security requirements, and maintaining security controls across various environments.

ApparelBeautyFashionRetail

No H1B

Responsibilities

Conduct thorough project security assessments (including risk analysis, penetration test coordination, and vulnerability reviews) on existing infrastructure and new application designs

Develop and socialize robust security requirements and technical specifications for new systems, platforms, and architectural patterns, ensuring alignment with risk, regulatory, and compliance needs

Diagram and document the security posture of critical enterprise assets, creating clear, technical representations of control mapping, data flow, and threat models

Inform and update internal security standards and requirements

Research and evaluate the latest security threats, technologies, and industry best practices

Oversee the effective implementation and maintenance of defined security controls (e.g., identity management, data protection, network segmentation) across various cloud and on-premises environments

Educate teams on secure design principles, defensive programming techniques, and proper configuration of security tools and services

Develop and grow relationships with system and technology owners across the business

Ad-hoc duties as assigned

Qualification

IT security conceptsSecurity frameworksSecurity toolsRisk methodologiesIndustry certificationsCommunication skillsProblem solvingTeam collaboration

Required

Strong understanding of IT security concepts and technologies. Have experience with specific security tools and applications, such as firewalls, intrusion detection systems, and vulnerability scanners

Strong communication skills, the ability to problem solve, and work as part of a team

Work effectively with other IT and security professionals, as well as business stakeholders

Experience with security frameworks (e.g., NIST CSF, SABSA, TOGAF) and risk methodologies (e.g., FAIR, OCTAVE)

Preferred

5+ years of progressive experience in security, with at least 1 year in a dedicated security architecture role

Relevant industry certifications such as ISA/IEC 62443 (Cybersecurity Risk Assessment Specialist), CISA (ISACA Certified Information Systems Auditor), CSA CGC (Cloud Security Alliance Cloud Governance and Compliance), GCIP (GIAC Critical Infrastructure Protection)

Bachelor's degree in Computer Science, Information Technology, or a related field; or equivalent practical experience