Sr. Cybersecurity Analyst 2 - Intel and IR (Remote)

Publix can offer virtual employment for this position in the following states: FL, GA, AL, TN, SC, NC, VA, KY.

Welcome to Publix Technology, the award-winning technical group for Publix Super Markets, Inc., the largest employee-owned company in the nation. Our technology teams of 2100+ associates provide cutting-edge, modern solutions to nearly 1400 retail stores and 200,000+ internal team members across 8 states. We offer positions at all levels - summer internships, individual contributor roles, to technical leadership across a broad range of technical disciplines. Whether you are interested in IT security, platform engineering, architecture, software development, or infrastructure - we have a career path for you! Discover why Publix Super Markets, Inc. has been on Fortune's 100 Best Companies to Work For list.

The Sr Cybersecurity Analyst 2 performs complex analysis, development, and implementation activities across several cybersecurity disciplines including alert investigations, incident response, forensic and malware analysis, and threat intelligence. This position identifies security risks and threats and develops and implements solutions to reduce risk. Under less specific guidance, this role is responsible for protecting Publix systems, networks, and data from unauthorized use or disclosure and ensuring compliance with all applicable legal, contractual, and regulatory cybersecurity requirements.

• Develop and execute complex incident response playbooks and procedures.
• Develop advanced, scalable, and durable detections for various threat scenarios.
• Develop and execute advanced forensic analysis procedures.
• Research and stay current on threats and adversaries targeting the organization.
• Perform hypothesis-driven threat hunts on the Publix Enterprise Network.
• Perform malware analysis to support incident response.
• Develop automation scripts and playbooks to improve incident response time.

• Bachelor’s degree in management information systems, Computer Science, Business, or equivalent experience.
• 4+ years of experience in Security Operations, Incident Response, Forensic Analysis, Penetration Testing, Network Security, or Platform Security.
• 2+ years of knowledge of triaging incidents using endpoint detection and response (EDR) tools, intrusion protection systems (IPS), Wireshark, web application firewall (WAF), cloud security monitoring and detection tools, forensic acquisition, and analysis tools such as KAPE and volatility in an enterprise setting.
• 6+ years of experience triaging incidents with EDR, IPS, Wireshark, WAF, cloud security tools, forensic tools.
• Strong skills in data analysis with SIEM query languages like Splunk SPL or KQL.
• Strong knowledge of offensive tradecraft and adversary capabilities.
• Scripting and automation skills using PowerShell, Python, bash, or other languages.
• One or more certifications such as GIAC certifications or Palo Alto Networks Certified Network Security Engineer (PCNSE).