
Staff Cyber Security Threat Analyst - Cyber Incident Response Team - Remote

The TJX Companies, Inc.

Framingham (MA)

Remote

USD 112,000 - 147,000

Full time

3 days ago

Job summary

Join a forward-thinking company as a Staff Threat Analyst, where you will lead investigations into complex cyber threats and enhance the organization's security posture. This role demands a blend of technical expertise and strong communication skills to convey risks effectively across various teams. With a focus on collaboration and continuous learning, you will engage in incident response and threat defense while mentoring junior analysts. This is an exciting opportunity to make a significant impact in a dynamic environment, where your contributions will help shape the future of cybersecurity at a leading retailer.

Benefits

Associate discount
401(k) match
Medical/Dental/Vision
Tuition reimbursement
Paid holidays/vacation
Life insurance
Short/long-term disability
Incentive programs for management
Referral bonuses
Child care discounts

Qualifications

  • 5+ years of experience in Incident Response and Threat Defense.
  • Strong experience with cybersecurity frameworks and tools.
  • Excellent communication skills for technical and non-technical audiences.

Responsibilities

  • Lead investigations into complex cyber threats and vulnerabilities.
  • Collaborate with cross-functional teams to improve cybersecurity.
  • Document findings and present to technical and executive audiences.

Skills

Incident Response
Security Operations
Threat Defense
Adversary Emulation
Communication Skills
Analytical Skills
Scripting (Python, PowerShell)

Education

Bachelor’s Degree in Cyber Security

Tools

SOAR
SIEM
NIST Cyber Security Framework
MITRE ATT&CK
MITRE D3FEND

Job description

TJX Companies

At TJX Companies, every day brings new opportunities for growth, exploration, and achievement. You’ll be part of our vibrant team that embraces diversity, fosters collaboration, and prioritizes your development. Whether you’re working in our four global Home Offices, Distribution Centers or Retail Stores—TJ Maxx, Marshalls, Homegoods, Homesense, Sierra, Winners, and TK Maxx, you’ll find abundant opportunities to learn, thrive, and make an impact. Come join our TJX family—a Fortune 100 company and the world’s leading off-price retailer.

Job Description:

Who We Are

The Cyber Incident Response (CIR) team prepares TJX to respond rapidly to critical security incidents; contain, eradicate, and recover through incident command management. This team of highly specialized subject matter experts defends the TJX environment through detail-oriented analysis, thoroughness, partnership, and communications across all levels and teams throughout the business.

Our approach to incident management aligns with NIST industry recommendations for containment, eradication, and recovery processes while also allowing the breadth and depth of analysis, forensic investigation, and stakeholder engagement. By working closely with teams across TJX, we perform technical root cause analysis across a spectrum of potential threats and assist with the remediation and restoration of business operations.

What You’ll Do

As a Staff Threat Analyst (CIR), you will play an integral role in leading investigations into complex cyber threats, alerts, and vulnerabilities. This includes analyzing attack vectors, determining potential root causes, and documenting accurate, thorough incident reports. Beyond technical skills, you will need strong communication and interpersonal skills to convey technical risks in accurate non-technical terms to stakeholder teams throughout the business. Responsibilities will include, but are not limited to:

  • Collaborate with cross-functional teams to improve cybersecurity posture.

  • Actively participate in responding to emerging and active threats.

  • Recognize and analyze trends to make recommendations on optimizing processes, alerts, tools, and platforms.

  • Define and execute assigned projects, including contributing towards the development and dissemination of Tabletop Exercises (TTXs).

  • Create and execute short- to medium-term strategies focused on exposure and incident response capabilities.

  • Mentor and train junior and mid-level analysts in advanced analytical techniques.

  • Accurately document findings and provide suggested remediations with appropriate justifications.

  • Present findings to technical audiences as well as senior leaders.

What You’ll Need

Our team is looking for people who enjoy pushing the limits and solving technologically challenging problems. We want you to bring your expert skills to further defend TJX, while you also gain valuable insight and capabilities from high-functioning peers. We want associates who are passionate about constantly learning and evolving with changes in technology and threats. You will need to bring a customer-focused mindset to helping other teams understand risks and make the right changes to improve the security posture in their area of responsibility.

Successful Candidates Will Have

  • 5+ years of Incident Response, Security Operations, Threat Defense, Threat Hunt, Adversary Emulation (e.g., Red, Blue, Purple Teaming), and/or Disaster Recovery and Business Continuity experience in an enterprise setting.

  • Bachelor’s Degree or equivalent experience in Cyber Security, Information Technology, Information Assurance, or a related field.

  • Strong experience designing, planning, implementing and executing incident response efforts across a variety of technologies and services including Web, mobile, network, IoT and Cloud.

  • Familiarity with the NIST Cyber Security Framework (CSF), common security controls and their purposes, and technologies that supply those controls.

  • Familiarity with using the MITRE ATT&CK and MITRE D3FEND frameworks to evaluate and enhance strategies against cyber threats.

  • Experience with Threat Intelligence activities for enriching cyber operations data analysis and response.

  • Experience with scripting languages such as Python and PowerShell.

  • Experience coaching and teaching junior associates.

  • Experience drafting reports for audiences that include both executive leadership and technical security engineers/analysts.

  • Ability to collaborate with, influence and coach a geographically distributed work group; strong relationship management skills, including with stakeholders, and the ability to hold team members across multiple levels accountable for commitments.

  • Highly developed verbal and written communication skills (including an excellent ability to brief) at multiple levels, from analysts to executives; ability to work up and down the organization; and the ability to influence others to achieve results through building & maintaining partnerships.

  • Ability to work effectively in a fast-paced, demanding and fluid environment, remaining calm under pressure, and demonstrating excellent conflict management skills.

Preferred Qualifications

Expert knowledge of Incident Response and Incident Command methodologies within cybersecurity and a global enterprise environment.

Expert knowledge in modern Cyber Operations tools, platforms, and analysis (e.g., SOAR, SIEM, and sources of security data).

Security certifications relating to Defensive Security (e.g., CISSP, CISA, CISM, GCIH, GCFA).

Strong understanding of working as part of an internal Cybersecurity organization.

Strong ability to develop advanced knowledge in specific fields and services, and to share insights and lessons learned to further enhance organizational preparedness.

Benefits include Associate discount; 401(k) match; medical/dental/vision; HSA; health care FSA; life insurance; short/long-term disability; paid holidays/vacation/sick/bereavement/parental leave; EAP; incentive programs for management; auto/home insurance discounts; tuition reimbursement; scholarship program; adoption/surrogacy assistance; smoking cessation; child care/cell phone discounts; pet/legal insurance; credit union; referral bonuses. All benefits are subject to applicable plan or program terms (including eligibility terms) and may change from time to time. Contact your TJX representative for more information.
In addition to our open door policy and supportive work environment, we also strive to provide a competitive salary and benefits package. TJX considers all applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, gender identity and expression, marital or military status, or based on any individual's status in any group or class protected by applicable federal, state, or local law. TJX also provides reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law.

Address:

550 Cochituate Road

Location:

USA Home Office Framingham MA 550 Cochituate Rd

This position has a starting salary range of $112,800.00 to $146,600.00 per year. Actual starting pay is determined by a number of factors, including relevant skills, qualifications, and experience. This position is eligible for an annual incentive as well as long-term incentives.