Summary:

This position is part of a team responsible for analyzing system and network activity and security controls to detect and respond to cyber-attacks against AutoZone. This position is responsible for analyzing alerts identified independently or escalated from lower level analysts and taking appropriate actions to resolve or escalate. This analyst will also have responsibility for tuning and recommending adjustments to security tools and capabilities. This analyst is expected to deliver desired, sustainable business outcomes and assure the integrity and continuity of AutoZone systems. This includes teaching domain expertise, providing technical guidance and mentoring, supporting customers, working with partners, resolving problems, and training as required.

Responsibilities:

Participate in any and potentially all roles of security operations lifecycles. Roles may vary by project and assignment. This may include, but not limited to:
• Analyzing security alerts identified independently or escalated from lower level analysts and taking appropriate actions to resolve or escalate.
• Identifying and recommending adjustments to security tools and capabilities to improve detection fidelity.
• Processing, generating, and distributing relevant threat intelligence
• Documenting, improving, and maintaining operations playbooks
• Identification of security concerns, risks, and mitigating controls.
• Technical design and administration of security controls and services, and architecture, e.g. infrastructure and / or network systems, application security tools and processes, identity and access management technologies, and /or incident response functions.
• Technical services; software, hardware and network architecture design and maintenance; security operations.
• Accurate work planning and execution; accurate project and time tracking.
• Teaching, coaching, and mentoring less experienced AutoZoners.

Requirements:
• Typically requires four to seven years' information security experience based on consistently demonstrated capabilities in a mid to large enterprise environment.
• Solid task estimation, planning and execution skills
• Solid problem solving, domain technical and analytical skills
• Solid system design and implementation skills
• Knowledge and experience with IT Security Operations Center (SOC) activities, responsibilities, and processes, e.g tuning detective controls and SIEM systems to improve fidelity, threat hunting, threat intel processing, incident response activities.
• Knowledge and experience with one or more of the following security domains:
• Network and endpoint security, e.g. experience with enterprise firewalls, web gateway proxies, Active Directory security controls, EDR clients, etc.
• Application security, e.g. understanding of application-layer security controls and risks, penetration testing, code reviews, etc.
• Identity & Access Management, e.g. directory administration, single sign on (SSO), CyberArk or other privileged user administration tools, multi-factor authentication, etc.
• Preferred: Bachelor's degree in Computer Science or related field
• Preferred: Understanding of, and experience with, scripting or coding languages
• Preferred: Security credentials such as Certified Information Systems Security Professional (CISSP)

---