B&H Photo Recruiting Department is Hiring a Security Analyst 3 Near New York, NY
Job Overview:

The Information Security Specialist Level 3 (Security Analytics) is responsible for Threat Response and Security Incident Handling. S/he supports day-to-day Information Technology (IT) security operations and event investigation. The Specialist is involved with employee technology on-boarding, off-boarding, logical access control, and access entitlement review for internal and cloud systems. This role provides IT Security Information and Event Management (SIEM), log management, security incident management, and forensics. This individual serves a key role providing a holistic view of an organization's IT security preparedness and response to cyber threats.

Essential Responsibilities:

- Lead Enterprise Vulnerability and Patch Management initiatives that advance business objectives in a manner that matches business appetite for risk
- Improve security awareness regarding evolving threats and common vulnerabilities
- Assist with examination of security controls (i.e., facilitate internal and external audits, compliance reporting, and management attestation)
- Examine operational effectiveness of security controls and design automation when valuable
- Develop cyber security analytics and threat intelligence using multiple data sources using SIEM
- Provide 2nd level support to Security Operations Center (SOC)
- Configure security tools and sensors to alert on certain risk conditions
- Examine cyber adversary techniques in order to develop defensive methodologies
- Explore the security event alerting and auditing capabilities of various technology (e.g., Microsoft Windows, SQL, Email, Firewalls, IPS, AV, applications, etc.) and establish configuration standards
- Assist Computer Emergency Response Team (CERT) with cyber threat detection and prevention
- Responsible for Security Data Analytics, SOC 2nd Level Support, Threat Intelligence and Security Risk Reporting
- Formally establish PVG, inventory of software in scope for patching, and risk register.
- Explore solutions (e.g., dashboard) to improve management visibility into vulnerabilities and service provider remediation progress.
- Advocate security awareness in build and operations. Become involved in planning of projects to consider security early on. Lead SANS Secure the Human (STH) rollout to key employees and developers.
- Facilitate PCI DSS 3.0 audit
- Vulnerability Scanning and Penetration Testing, key control testing, Data Leakage Detection and Scanning, and Identity and Access acceptable use monitoring
- Responsible for employee technology on-boarding, off-boarding, logical access control, and access entitlement review for internal and cloud systems

Additional Responsibilities:

- Recurring reporting to IT Management demonstrating operational effectiveness of security controls
- Grow professional expertise with threat response and incident handling – obtain GCIH certification

Specific Knowledge, Skills and Abilities:

- Knowledge of information technology including Microsoft Windows, Linux, office automation (e.g., Microsoft Word, Microsoft Excel, Microsoft Outlook, etc.), email, databases.
- Understanding of networking concepts and technologies including Routing, Switching, NAT, OSI Model, etc.
- Strong knowledge of common information security concepts such as anti-virus, logical access control, firewalls, intrusion prevention, least privilege, separation of duties, etc.
- High level of analytical and problem-solving abilities
- Aptitude to learn new technology products and concepts
- Ability to manage multiple projects and multiple deadlines in an organized fashion
- Interest to learn scripting languages, macros, programs, and regular expressions
- Understanding of basic data analysis and management concepts
- Ability to communicate clear call to action verbally and in written form
- Desire to learn new products and techniques to safeguard information systems and data
- Ability to work independently to advance daily duties as well as collaboratively with multiple teams to advance projects
- Experience with Splunk, analytic development, data mining, data visualization, or machine learning is also helpful.
- Experience with Data Warehouse and Business Intelligence (BI) tools desired but not required
- Ability to author technical and management risk reports

Preferred Education, Experience and Licenses:

- Minimum Education Required: Associate Degree in Information Assurance, Computer Science, Mathematics, or Business Administration or related field or equivalent job-related experience.
- Education Desired: Bachelor Degree in Security Management, Information Assurance, Computer Science, Mathematics, or Engineering or related field
- ISC2 CISSP or ISACA CISM/CISA professional certification preferred
- 10 years of experience in IT or in role that requires regular use of Information Technology and Data Management.
- 2 years of experience with Security Information and Event Management (SIEM) products (e.g., Splunk, ArcSight, LogLogic, etc.) preferred
- Experience in Retail desired, but not required