Senior Information Security Analyst
Carters Inc. · Atlanta, GA · 6 days ago
Information TechnologyFull-time
Key Responsibilities
- Security monitoring & day-to-day operations
- Supporting the security manager with vulnerability, alert, and incident oversight
- Staying current on the threat landscape and zero-day vulnerabilities
- Translating threat intelligence into actionable detection and defense improvements
- Reporting, Metrics and dashboarding
Vulnerability & Risk Management
- Leading threat & vulnerability management (TVM) activities
- Risk prioritization, remediation tracking, and stakeholder reporting
- Representing the security team in audits and regulatory compliance activities
- Contributing to security policy, standards, and procedure development
Incident Response & Digital Forensics
- Leading investigation and response to high-severity and complex security incidents
- Driving containment through post-incident review and lessons learned
- Performing digital forensic investigations on endpoints, servers, and cloud environments
- Conducting static and dynamic malware analysis to understand attacker TTPs
Threat Detection & Hunting
- Proactive threat hunting using behavioral analytics and hypothesis-driven methodologies
- Developing and maintaining threat models for critical business systems and data assets
- Mentoring and coaching junior analysts on threat analysis and detection techniques
Security Engineering & Architecture
- Collaborating with IT, DevOps, and business teams to integrate security into system design
- Evaluating and recommending new security technologies, tools, and vendors
- Participating in proof-of-concept testing for new security solutions
Physical Demands
- Sitting - Frequently (activity or condition exists up to 1/3 of time)
Travel Requirements
Open-to-travel between various Carter's offices (Buckhead, warehouses, international offices, etc.) and other locations (QTS datacenter, Irving, Retail stores, vendor sites, etc.) as needed.
Must Have
- 2+ years of IT, IT Audit, IT Networking or Network security experience
- Ability to professionally communicate, verbally and in writing
- Ability to meet deadlines and work with management across various disciplines
- A collaborative team player spirit willing to learn and adapt
- Ability to perform on-call duties during off-hours and holidays
- An adaptable and flexible attitude towards changing business needs
Preferred Skills And Experience
- Experience with endpoint configurations and/or security
- Knowledge of application security concepts and secure SDLC practices
- Experience with red team or penetration testing activities
- Proficiency with log analysis at scale and big data security analytics
- Exposure to regulatory compliance frameworks (PCI DSS, HIPAA, SOC 2, GDPR)
- Experience in a cloud-native or hybrid-cloud enterprise environment
- Experience with one or more security domain
- Bachelor’s degree in computer science or related field
- Security +, ISC2 CC, CompTIA A+, CompTIA Network +, SSCP or CCT certifications