Senior Information Security Analyst

Carter's/OshKosh

Atlanta, GA

JOB DETAILS
SKILLS
Analysis Skills, Big Data, Business Solutions, Cloud Computing, Coaching, Communication Skills, CompTIA A+, CompTIA Network+, CompTIA Security+, Computer Forensics, Computer Science, Computer Security, Data Analysis, DevOps, Dynamic Analysis, Endpoint Security, Establish Priorities, HIPAA (Health Insurance Portability and Accountability Act), Hunting, Hybrid Cloud, Incident Management, Incident Response, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), International Information Systems Security Certification Consortium (ISC)2, Internet Security, Malware Analysis, Management of Information Systems/Technology (MIS), Marconi/MSI Planet, Mentoring, Metrics, Network Operations Center, Network Security, On Call, Operational Strategy, PCI-DSS, Policy Development, Procedure Development, Process Improvement, Proof of Concept, Regulatory Compliance, Reporting Dashboards, Retail, Risk, Risk Management, SSCP - Systems Security Certified Practitioner, Security Analysis, Security Architecture, Security Attacks, Security Auditing, Security Monitoring, Security Policy, Security System Design, Standards Development, System Integration (SI), Team Player, Threat Modeling, Time Management, Warehousing, Willing to Travel
LOCATION
Atlanta, GA
POSTED
6 days ago
Serving the needs of all families with young children, Carter’s Inc. is the largest North American apparel retailer exclusively for babies and young children, encompassing Carter’s, OshKosh B’gosh, Skip*Hop and Little Planet brands. Meaningful work, constant learning, genuine people, and a community guided by core values that promote inclusion and innovation is in everything we do. There are many reasons to build your career at Carter's.


How you’ll make an impact:


The Senior Security is a member of the IT Security team reporting to the Sr. Manager, IT Security. Security Senior Analyst are primarily focused on leading complex investigations, driving departmental improvement efforts on monitoring, detecting, administration, or responding to security events and threats across the organization. Working under general supervision, this role exercises considerable independent judgment and takes ownership of advanced cyber security activities. The Senior Analyst is a key technical contributor and a bridge between operational execution and strategic security initiatives. This position could also serve as a foundation for building deeper expertise in various other security domains.


Key Responsibilities


Depending on the needs of the department, the duties of this role could include:


Security monitoring & day-to-day operations (30%)


+ Day-to-day information security analysis across events, alerts, and threats

+ Supporting the security manager with vulnerability, alert, and incident oversight

+ Staying current on the threat landscape and zero-day vulnerabilities

+ Translating threat intelligence into actionable detection and defense improvements

+ Reporting, Metrics and dashboarding


Vulnerability & risk management (20%)


+ Leading threat & vulnerability management (TVM) activities

+ Risk prioritization, remediation tracking, and stakeholder reporting

+ Representing the security team in audits and regulatory compliance activities

+ Contributing to security policy, standards, and procedure development


Incident response & digital forensics (15%)


+ Leading investigation and response to high-severity and complex security incidents

+ Driving containment through post-incident review and lessons learned

+ Performing digital forensic investigations on endpoints, servers, and cloud environments

+ Conducting static and dynamic malware analysis to understand attacker TTPs


Threat detection & hunting (15%)


+ Proactive threat hunting using behavioral analytics and hypothesis-driven methodologies

+ Developing and maintaining threat models for critical business systems and data assets

+ Mentoring and coaching junior analysts on threat analysis and detection techniques


Security engineering & architecture (20)%


+ Collaborating with IT, DevOps, and business teams to integrate security into system design

+ Evaluating and recommending new security technologies, tools, and vendors

+ Participating in proof-of-concept testing for new security solutions


Physical Demands


+ Sitting-Frequently (activity or condition exists up to 1/3 of time)


Travel Requirements


+ Open-to-travel between various Carter's offices (Buckhead, warehouses, international offices, etc.) and other locations (QTS datacenter, Irving, Retail stores, vendor sites, etc.) as needed.


We’d Love to hear from you if: (Requirements section)


Must have:


+ 2+ years of IT, IT Audit, IT Networking or Network security experience

+ Ability to professionally communicate, verbally and in writing

+ Ability to meet deadlines and work with management across various disciplines

+ A collaborative team player spirit willing to learn and adapt

+ Ability to perform on-call duties during off-hours and holidays

+ An adaptable and flexible attitude towards changing business needs


Preferred skills and experience:


+ Experience with endpoint configurations and/or security.

+ Knowledge of application security concepts and secure SDLC practices.

+ Experience with red team or penetration testing activities.

+ Proficiency with log analysis at scale and big data security analytics.

+ Exposure to regulatory compliance frameworks (PCI DSS, HIPAA, SOC 2, GDPR).

+ Experience in a cloud-native or hybrid-cloud enterprise environment.

+ Experience with one or more security domain

+ Bachelor’s degree in computer science or related field

+ Security +, ISC2 CC, CompTIA A+, CompTIA Network +, SSCP or CCT certifications


_Carters is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, veteran status, or any other status protected by federal, state, or local law._

About the Company

C

Carter's/OshKosh