H-E-B San Antonio , TX 78245
Posted 2 weeks ago
Responsibilities
H-E-B is a leading innovator in technology, and our Digital Technology Team collaborates to design, construct, implement, and support solutions across the enterprise.As an Information Security Analyst, you'll collaborate with key H-E-B Partners on security programs used to implement corporate standards, procedures, and guidelines to align with various compliance and risk requirements.Once you're eligible, you'll become an Owner in the company, so we're looking for commitment, hard work, and focus on quality and Customer service. 'Partner-owned' means our most important resources--People--drive the innovation, growth, and success that make H-E-B The Greatest Omnichannel Retailing Company.Do you have a:HEART FOR PEOPLE... interpersonal skills to work with others?HEAD FOR BUSINESS... willingness to maintain / gain new technical knowledge?PASSION FOR RESULTS... ability to advise on development / acquisition projects to ensure the best security-related outcomes?We are looking for:- 2+ years of experience as an IT professional- professional security certification
What is the work?Management:- Assists in determination of requirements; recommends / implements / tests system security configurations and controls based on application of appropriate risk assessment methodologies- Assists Project Managers in developing project plans, specifying goals, strategy, scheduling, identification of risks, contingency plans, allotment of resources for each project phase- Monitors / drives project results against technical specifications
Security / Administration:- Performs security administration services for enterprise security systems (UNIX, Certificate Services, Firewall, Mainframe, Antivirus, Active Directory, etc.)- Responds to information security requests, incidents, and trouble tickets according to defined SLA- Participates in an on-call rotation for information security; resolves service outages within SLA- Serves as active member of incident response teams; performs related forensic and investigation services- Participates in disaster recovery and business continuity efforts- Develops security processes / procedures; supports SLAs to ensure security controls are managed and maintained- Plays advisory role in application development and acquisition projects to assess security requirements and controls; ensures security controls are implemented as planned- Reports to H-E-B management on residual risk, vulnerabilities, other security exposures, including misuse of information assets and noncompliance- Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks- Maintains job knowledge; participates in educational opportunities and professional organizations; stays current on professional publications; maintains personal networks- Supports internal and external audits (e.g., PCI DSS, HIPAA)Analytics:- Provides monthly, quarterly, and ad-hoc strategic / operational risk reporting and analytics for trending, risk assessment, compliance, and active exception reporting- Determines security requirements by evaluating business strategies / needs; researches info security standards; conducts system security and vulnerability analyses and risk assessments
What is your background?- A related degree or comparable formal training, certification, or work experience- 2+ years of experience working full-time as an IT professional- At least one professional security certification (e.g., CISSP, CISA, CEH, applicable SANs programs) or other industry certifications (e.g., Cisco, MSoft, VMware) (preferred)- Experience with ticketing systems, including workflow, ticket routing, and resolution documentation- Experience in Operations Center or Security Operations Center- Experience in secure coding standards and application security, cyber supply chain risk management, emerging technology risk management, and threat model development / management- Experience in project management
Do you have what it takes to be a fit as an Information Security Analyst at H-E-B?- Working knowledge of securing UNIX, Linux, Windows OS family, TCP/IP, and networking technologies- Familiarity with retail environments- Strong interpersonal and communication skills- Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff- Ability to understand the customer's perspective and tailor solutions according to H-E-B's security posture- Ability to influence others- Service-orientedCan you...- Function in a fast-paced, retail, office environment- Travel by car / plane with overnight stays- Work extended hours, nights, weekends, and rotating shifts; sit for extended periods
ISSEC3232#digitalsecurity
Responsibilities H-E-B is a leading innovator in technology, and our Digital Technology Team collaborates to design, construct, implement, and support solutions across the enterprise. As an Information Security Analyst, you'll collaborate with key H-E-B Partners on security programs used to implement corporate standards, procedures, and guidelines to align with various compliance and risk requirements. Once you're eligible, you'll become an Owner in the company, so we're looking for commitment, hard work, and focus on quality and Customer service. 'Partner-owned' means our most important resources--People--drive the innovation, growth, and success that make H-E-B The Greatest Omnichannel Retailing Company. Do you have a: HEART FOR PEOPLE... interpersonal skills to work with others? HEAD FOR BUSINESS... willingness to maintain / gain new technical knowledge? PASSION FOR RESULTS... ability to advise on development / acquisition projects to ensure the best security-related outcomes? We are looking for:
2+ years of experience as an IT professional - professional security certification What is the work? Management:
Assists in determination of requirements; recommends / implements / tests system security configurations and controls based on application of appropriate risk assessment methodologies
Assists Project Managers in developing project plans, specifying goals, strategy, scheduling, identification of risks, contingency plans, allotment of resources for each project phase
Monitors / drives project results against technical specifications Security / Administration:
Performs security administration services for enterprise security systems (UNIX, Certificate Services, Firewall, Mainframe, Antivirus, Active Directory, etc.)
Responds to information security requests, incidents, and trouble tickets according to defined SLA
Participates in an on-call rotation for information security; resolves service outages within SLA
Serves as active member of incident response teams; performs related forensic and investigation services
Participates in disaster recovery and business continuity efforts
Develops security processes / procedures; supports SLAs to ensure security controls are managed and maintained
Plays advisory role in application development and acquisition projects to assess security requirements and controls; ensures security controls are implemented as planned
Reports to H-E-B management on residual risk, vulnerabilities, other security exposures, including misuse of information assets and noncompliance
Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
Maintains job knowledge; participates in educational opportunities and professional organizations; stays current on professional publications; maintains personal networks
Supports internal and external audits (e.g., PCI DSS, HIPAA) Analytics:
Provides monthly, quarterly, and ad-hoc strategic / operational risk reporting and analytics for trending, risk assessment, compliance, and active exception reporting
Determines security requirements by evaluating business strategies / needs; researches info security standards; conducts system security and vulnerability analyses and risk assessments What is your background?
A related degree or comparable formal training, certification, or work experience
2+ years of experience working full-time as an IT professional
At least one professional security certification (e.g., CISSP, CISA, CEH, applicable SANs programs) or other industry certifications (e.g., Cisco, MSoft, VMware) (preferred)
Experience with ticketing systems, including workflow, ticket routing, and resolution documentation
Experience in Operations Center or Security Operations Center
Experience in secure coding standards and application security, cyber supply chain risk management, emerging technology risk management, and threat model development / management
Experience in project management Do you have what it takes to be a fit as an Information Security Analyst at H-E-B?
Working knowledge of securing UNIX, Linux, Windows OS family, TCP/IP, and networking technologies
Familiarity with retail environments
Strong interpersonal and communication skills
Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff
Ability to understand the customer's perspective and tailor solutions according to H-E-B's security posture
Ability to influence others
Service-oriented Can you...
Function in a fast-paced, retail, office environment
Travel by car / plane with overnight stays
Work extended hours, nights, weekends, and rotating shifts; sit for extended periods ISSEC3232 #digitalsecurity
H-E-B