Lead Security Analyst

Overview

Lead Security Analyst Jobs in Seattle, Washington, USA at Lululemon Athletica

Title: Lead Security Analyst

Company: Lululemon Athletica

Location: Seattle, Washington, USA

Type: Full Time

Category: IT/Tech, Security

Business Unit:Store Support Centre (SSC)

lululemon is aninnovativeperformance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to ourinnovativeproduct, emphasis on stores, commitment to our people, and the incredible connections we make in every community we’re in.

As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable,inclusiveand growth-focused environment for our people.

About this team:

The lululemon cybersecurity team enables lululemon to conduct its global operations in a secure manner and safeguard the trusted information of its guests and users. This is accomplished by understanding business risk as manifested through cybersecurity and compliance risk, and by maintaining a high degree of employee awareness of all security and compliance topics. To further enhance our team, we are looking for an experienced Cyber Security Senior Analyst.

A day in the life:

The Lead Security Senior Analyst will help the team to perform Security Operations Center (SOC) duties, which include incident response, malware analysis, monitoring, and threat hunting. This role will work with the team and become our technical leader to implement and apply technologies, processes, and practices designed to protect networks, devices, and data from malicious attack, damage, or unauthorized access.

Lead technical investigations across security and other technology teams.

Conduct threat analysis, assessment, and malware triage in support of security investigations and incident response process.

Provide technicalleadershipand coaching to security operations personnel.

Aid in the creation of a scalable, holistic Triage and Analysis program.

Conduct regular investigations reviews on team/analysts’ investigations for potential areas of improvement.

Recognize and research attacker tools, tactics, and procedures (TTP) in indicators of compromise (IOCs) that can be applied to current and future investigations.

Build internal scripts, tools, and automation processes to enhance detection and response capabilities.

Collaborate with technical and business teams to drive SOC initiatives acting as the SME.

Provide after-hour support as needed and participate in on-call rotation.

Qualifications:

Strong knowledge of cloud security in Azure and/or AWS.

Bachelor’s Degree in Computer Science or Computer Crime Investigations preferred.

5+ years of demonstrated experience in computer security-related disciplines such as incident response, host forensics, malware analysis, network traffic analysis, Insider Threat, alerts tuning, and trend analysis.

Understanding of security threats, vulnerabilities, controls, and remediation strategies in customer data environments.

Strong security concepts of threat categories (such as malware, phishing attacks, Defense-in-Depth, MITRE ATT&CK framework, etc.).

Extensive experience working with security tools such as SIEM, EDR, firewalls, IDS/IPS, antispam, content management, server, and network device hardening, etc.

Strong knowledge of Windows, Linux, and/or Mac OS and comfortable with looking at, understanding, and investigating Security Event logs.

Experience with query languages and scripting languages.

Expe…