Sr Info Security Analyst - Incident Responder

Sorry, this job was removed at 11:18 p.m. (CST) on Thursday, June 1, 2023

Overview
H-E-B is one of the largest, independently owned food retailers in the nation operating over 420+ stores throughout Texas and Mexico, with annual sales generating over $34 billion. Described by industry experts as a daring innovator and smart competitor, H-E-B has led the way with creative new concepts, outstanding service and a commitment to diversity in our workforce, workplace and marketplace. H-E-B offers a wealth of career opportunities to our 145,000+ Partners (employees), competitive compensation and benefits program and comprehensive training that lead to successful careers.
Responsibilities
About H-E-B
H-E-B is one of the largest, independently owned food retailers in the nation operating over 400 stores throughout Texas and Mexico, with annual sales generating over $25 billion. Described by industry experts as a daring innovator and smart competitor, H-E-B has led the way with creative new concepts, outstanding service, and a commitment to diversity in our workforce, workplace and marketplace. H-E-B offers a wealth of career opportunities to our 109,000+ Partners (employees), competitive compensation and benefits program and comprehensive training that leads to successful careers.
Our Partners thrive The H-E-B Way. As an Incident Response Security Analyst, you would have a...
HEART FOR PEOPLE ... you have a passion for mentorship and guidance, and love for the direct person-to-person interactions that create strong bonds between teams
HEAD FOR BUSINESS ... you have an ownership mentality and a consistent track record of timely delivery of high-quality software
PASSION FOR RESULTS ... the ability to guide the discussion, remove roadblocks, and provide guardrails for your team as they identify challenges and propose solutions
ROLE
The Incident Response Analyst promotes a positive security culture for the organization by protecting the confidentiality, integrity, and availability of data and assets while assisting the company to successfully meet its strategic goals. This role is responsible for coordinating information security incident triage and response activities, reducing exposure and minimizing cyber risk. Works with various departments across H-E-B to investigate potential security incidents and perform deep-dive analysis. Informs key stakeholders on incident status reporting, resolution, and root cause analysis.

  • Leads incident response activities, ensuring security incidents are properly contained, eradicated, and recovered.
  • Shares information including updates/references for the SIEM tool, as necessary, for changes to process and procedure, ingestion of daily intelligence reports
  • Collaborates with other teams on security research and intelligence gathering
  • Manages and maintains adequate security processes and solutions to mitigate or remediate identified risks sufficiently to meet business objectives, contractual and/or regulatory requirements.
  • Supports the development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification and destruction.
  • Understands risks and impact to systems in the corporate environment and their interconnectivity.
  • Supports other engineers to understand security risks and impact to corporate solutions.
  • Supports others in performing forensic analysis and risk assessments for the entire infrastructure.
  • Recommends changes to the solution configurations to add new services, adapt existing services, and remove unnecessary services.
  • Monitors and recommends remediation for security violations for network, devices, servers and other assets.


REQUIRED:

  • 5+ years of experience in Information Security with 3+ years in incident response
  • Knowledge of vulnerability management process including remediation planning.
  • Working understanding of security assessment frameworks such as PCI, HIPAA, GDPR, MITRE ATT&CK and D3FEND, etc.
  • Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
  • Ability to clearly communicate Information Security matters to executives, auditors, end-users, and engineers, using appropriate language, examples, and tone.
  • Ability to quickly understand systems to identify and validate security requirements.
  • Understands security problems as a balance of both security and business needs.
  • Demonstrated logical and structured approach to time management and task prioritization in support of teamwork goals.
  • Demonstrated high level of communication skills, both verbal and written.
  • Strong analytical skills, documentation skills, and awareness of change management.
  • Willingness to work outside of regular business hours, as required.
  • Provide threat analysis and security logs for security devices
  • Analyze and respond to hardware and software weaknesses and vulnerabilities
  • Investigate, document, and report security problems and emerging security trends
  • Coordinate with other analysts and departments regarding system and network security when needed
  • Create, implement, and maintain security protocols and controls, including the protection of digital files and data against unauthorized access
  • Maintain data and monitor security access
  • Anticipate threats, incidents, and alerts to help prevent the likelihood of them occurring
  • Analyze all security breaches to determine the root causes
  • Make recommendations of countermeasures and install approved tools


RECOMMENDED:

  • One or more professional audit or security certifications such as Security+, PenTest+, CySA+, CEH, OSCP, CSA, GIAC, CASP, or CISSP (or equivalent experience).
  • Knowledge and experience performing incident handling based off NIST 800-61
  • Experience with host-level scripting, e.g. Bash, Batch, PowerShell.
  • Relevant security experience within the AWS, Azure, and Google ecosystems
  • Experience with conducting threat hunts using and adhering to the MITRE ATT&CK framework
  • General knowledge of enterprise-level applications.
  • Experience developing and reporting enterprise-level metrics.


*** Position locations open to San Antonio, Dallas, and Austin, TX areas
- TM1
#ISSEC3232
