Responsibilities:
H‑E‑B is a leading innovator in technology, and our Digital Technology Team collaborates to design, construct, implement, and support solutions across the enterprise.
As an Information Security Analyst, you’ll collaborate with key H-E-B Partners on security programs used to implement corporate standards, procedures, and guidelines to align with various compliance and risk requirements.
Once you’re eligible, you’ll become an Owner in the company, so we’re looking for commitment, hard work, and focus on quality and Customer service. “Partner-owned” means our most important resources—People—drive the innovation, growth, and success that make H-E-B The Greatest Omnichannel Retailing Company.
Do you have a:
HEART FOR PEOPLE… interpersonal skills to work with others?
HEAD FOR BUSINESS… willingness to maintain / gain new technical knowledge?
PASSION FOR RESULTS… ability to advise on development / acquisition projects to ensure the best security-related outcomes?
We are looking for:
- 2+ years of experience as an IT professional
- Professional security certification
- This role is equivalent to a Tier-2 (intermediate-level) SOC analyst in a cyber security operations center. Tier-2 SOC Analyst = Info Security Analyst at H-E-B.
- Demonstrated experience equivalent to Tier-1 SOC analyst or similar.
What is the work?
Projects:
- Assists in determination of requirements; recommends / implements / tests system security configurations and controls based on application of appropriate risk assessment methodologies
- Develop or update cyber security operations center runbooks, plans, procedures or playbooks.
Security / Analytics / Administration:
- Responsible for incident identification, triage, preliminary investigation, initial remediation, and further escalation of unresolved security events or incidents.
- Update investigations of events or incidents in tickets or case management, or support after-action reports.
- Determine when unresolved cyber security events should escalate to a senior analyst (Tier-3 = Incident Responder) for possible cyber security incidents.
- Support the Tier-3 Incident Responder, which may include assisting with documentation in tickets, case management or meeting notes for Tier-3 (IR) declared incidents.
- Conduct basic retroactive hunts for indicators of potential threats (IoC) provided by threat intelligence reports or senior analysts.
- Receives requests or events escalated to cyber security.
- Recommend event escalation category or severity according to the Incident Response Plan (IRP).
- Provides monthly, quarterly or ad-hoc strategic / operational risk reporting and analytics for cyber security operations (SOC) trending.
- Participates in on-call rotation for cyber security on escalated events or incidents, with support of after-hours managed service provider(s).
What is your background?
- Minimum 2 years' experience working full-time as a security professional in cyber security alert analysis, security architecture, malware research, security operations, or similar experience.
- A related degree or comparable formal training, certification, or work experience.
- At least one professional security certification: e.g., CISSP, SANS, CompTIA etc. (preferred).
- Experience with ticketing or case management systems.
- Experience working in an IT service desk, network/system operations center, or technical support.
- Experience analyzing log information, packet captures, etc. from a variety of sources.
- Experience in scripting language(s) or code development for task automation
- Working knowledge of securing Linux, Windows, or networking technologies
- Should understand malware, network protocols, security tooling, and enterprise security architecture
- Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff.
- Demonstrate strong communication and interpersonal skills, both verbal and written, with a collaborative, service-oriented mindset.
Can you…
- Function in a fast-paced, retail, office environment
- Travel by car / plane with overnight stays
- Work extended hours, nights, weekends, and rotating shifts; sit for extended periods