Senior Specialist, Cybersecurity Analyst
The role of the Cybersecurity Analyst is to assist in the building and monitoring of Hollister’s cybersecurity architecture and operations globally, developing appropriate security controls for business partners and service providers.
The Cybersecurity Analyst will ensure Cybersecurity architecture and practices safeguard products and solutions that meet business requirements while maintaining a strong security posture.
The Cybersecurity Analyst handles day-to-day security administrative and proactive monitoring activities, ensuring the stable and secure operations of IT and related systems and components.
The Cybersecurity Analyst will handle all levels of triage for incoming security issues, assessing event priority, determining risks, and monitoring appropriate remediation activities.
The Cybersecurity Analyst will monitor security compliance through technical audits, risk assessments and issue management in order to maintain a compliant, audit-ready posture. This role also acts as a core team member to the Enterprise Architecture team and Project Management Office to deliver technical security advisory services.
The Cybersecurity Analyst will work closely with IT Operations and other functional areas to ensure vulnerabilities and threat indicators are rated by severity and responded to in a manner consistent with the risks.
The Cybersecurity Analyst will develop security procedures and metrics for the security of Hollister global networks, systems and applications.
- Develops and maintains the Cyber Security and privacy technical architecture. Recommends guiding principles and technical standards that foster technology decisions.
- Collaborates with IT and business units to understand the requirements for security (stability, availability, integrity, privacy, etc.).
- Maintains architecture diagrams for both the current and future state.
- Builds security controls that transition from current to future state.
- Stays abreast of technology innovations relating to cyber security to ensure decisions align with industry best practices.
- Steers security operations and implementation of security controls and solutions.
- Addresses cyber security service requests and tickets in a timely manner, to customer satisfaction, and within security standards or principles.
- Conducts vulnerability scans, effective systems patching and remediation tracking based on defined or applicable risk to the enterprise.
- Identifies and implements appropriate security and privacy monitoring within IT to safeguard Hollister's cybersecurity program.
- Configures and supports security endpoint protection, intrusion detection and prevention, Internet and messaging security gateways, encryption architecture, and threat intelligence.
- Steers security incident response and mitigation processes.
- Executes the security incident response lifecycle to drive threat remediation and strategic countermeasures.
- Addresses cyber-attacks through proactive identification, containment of security incidents, mitigation of malicious threats and malicious software, and system recovery.
- Coordinates activity related to Data Loss Prevention (DLP) strategy by configuring appropriate policies, communicating violations and risks, and providing solutions for secure digital transfer or storage.
- Identifies Cyber Security and compliance requirements and develops specific solution architectures.
- Identifies security and compliance requirements that align with standards, policies, technical controls and architecture principles. Reviews risk assessments completed as part of the project lifecycle.
- Builds solution architectures that meet project requirements and align with architecture principles and the future architecture vision.
- Partners with the Enterprise Architecture function to provide technology evaluations and recommendations relating to cyber security.
- Performs security impact assessments to determine the enterprise's specific security and privacy related requirements and appropriate assurance monitoring.
- Advocates a security risk management framework to ensure that security decisions are consistent and appropriate to Hollister’s needs for system and information protection, integrity, availability, privacy and regulatory compliance.
- Performs risk assessments to ensure appropriate security during introduction of new technologies. Reviews and approves the findings and recommendations of risk assessments.
- Conducts audits and monitors issues to provide assurance reporting of how Hollister is complying with policies, standards, industry regulatory requirements and the internal control framework in order to maintain a compliant, audit-ready posture.
- Conducts security due diligence of third parties (vendors, suppliers and partners) based on a risk model, including security contract language and logical, physical and administrative controls.
- Researches and evaluates new technologies for fit into the enterprise and provides security advisory services to the IT Project Management Office (PMO).
- Provides feedback and acts as a security technical advisor for IT projects and solutions.
- Identifies and recommends cyber security controls that will transition the architecture to support future vision.
- Works with Project Managers to define security project cost, resource, and schedule estimates.
- Analyzes technology industry and market trends, and determines their potential impact on the enterprise.
- Contributes to the Enterprise Architecture (EA) and Technical Review Board (TRB) requests for security architecture and technology solutions.
- Brings forward new solutions, architectures or technologies to ensure data security safeguards align with IT solutions that will transition the architecture to the defined future vision.
- Applies a risk-based approach or value metrics to define security technical requirements and participates in evaluation scoring.
- Oversees technology evaluations and determines the best solution based on business and technical requirements.
Academic Credentials/Length of Experience Requirements:
- BS/BA Computer Science or equivalent related field of study required.
- An industry leading security certification required such as Certified Information Systems Security Professional (CISSP) or equivalent.
- Minimum 7 years of progressive technical IT experience focusing on cyber security
- Talk on the phone with suppliers and Hollister Associates
- Read technical manuals / trade journals
- Use a personal computer and strong proficiency in PowerPoint, Excel and Word
- Travel via plane or automobile
- Lift up to 35 lbs.
Specialized skills/technical knowledge
- Working knowledge of Windows Server and Desktop Operating Systems, Active Directory Domain design and implementation, and endpoint security.
- Understanding of how to conduct investigations of security incidents.
- Understanding of how to conduct third-party security due diligence or audits.
- Understanding of SANS Critical Security Controls or NIST Computer Security Standards
- Knowledge of TCP/IP, switching, routing, VLANs and VPNs.
- Knowledge of Next Generation Firewalls or Unified Threat Management (UTM) technologies.
- Knowledge of Identity and Access Management (IAM) technologies.
- Knowledge of Security Information and Event Management (SIEM).
- Knowledge of Intrusion Detection/Prevention Systems (IDS/IPS) technologies.
- Knowledge of Privileged Access Management (PAM) solutions.
- Knowledge of cloud-based technology or Cloud Access Security Broker (CASB) technologies.
- Knowledge of Vulnerability and Threat Management (VTM).
- Knowledge of virtualized environments and infrastructure technologies.
- Strong understanding of shell scripting, and able to apply knowledge.
- Knowledge of encryption techniques and PKI infrastructure.
Hollister is an EO employer – M/F/Veteran/Disability
Job Req ID: 23321
Through a shared affirmation that every human being has dignity and intrinsic value, the focal point of everything we do at Hollister is people. At Hollister, we realize that each person who uses our products and services is on a distinct, and often challenging, life journey. In every aspect of what we do, the overriding goal and commitment is to make a difference in that journey.
The principle of Dignity means that we respect all people, independent of the work they do, their age, their color, their gender, or their nationality.
Integrity is at the heart of how we do business at Hollister, and throughout the company, there is an unwavering conviction that the ethical way is the only way to conduct our business.
The principle of Service, to our customers and to each other, inspires us to strive for unconditional customer satisfaction; serving with humility, compassion, and perseverance.
The principle of Stewardship inspires Hollister Associates to act as guardians of the company – ensuring that Hollister will continue to be independent, employee-owned, and faithful to its Mission of making a sustained and meaningful difference in the lives of people around the world.
Ostomy Care, Continence Care, Wound Care, Critical Care
Company Type: Public Company
Company Size: 5,001-10,000