The CyberSecurity Sr. Analyst – Threat Intelligence & E-Commerce role reports to the Sr. Manager of Threat Intelligence and is responsible for identifying, categorizing, tracking, and helping to remediate threats and vulnerabilities in the global enterprise environment.
The Sr. Analyst is also responsible for proactively protecting information assets from unauthorized or inappropriate access, use or disclosure as well as business disruptions through proper identification and escalation of vulnerabilities.
In addition to working closely with IT and the Business, regular interaction with internal and external auditors, Legal, Privacy and Ethics is also required of the position.
Duties and responsibilities may include:
- Responsible for supporting Penetration Testing and Web Application Security initiatives.
- Develops an understanding of Newell Brands current and forward-looking threat profile.
- Knowledge of security management, network & protocols, data and application security solutions.
- Assists in electronic discovery and digital forensic investigations.
- Provides expertise, guidance and advice related to all Cyber Security issues.
- Responsible for supporting Security Operations functions including Threat and Vulnerability Management, Incident Response, Alerting and Monitoring.
- Protects valuable information and maintains the confidentiality and integrity of data through knowledge of industry trends and current and emerging risks.
- 5+ years in an Information Security role.
- Proven experience with Vulnerability Assessment tools (Nexpose, Nessus, Burp) required.
- Experience with Metasploit preferred.
- Ability to demonstrate thorough understanding of security concepts.
- Ability to demonstrate thorough knowledge network, OS, and application vulnerabilities.
- Experience with Web Applications, manual and automated penetration testing and pro-active threat hunting.
- Ability to demonstrate thorough knowledge designing vulnerability mitigations.
- Ability to manually assess vulnerabilities and verify false positives.
- Ability to prioritize vulnerabilities by their risk to the organization.
- Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or related field required.
- GPEN Certified Penetration Tester, GCIH Certified Incident Handler, or Certified Information Systems Security Professional (CISSP) preferred.