For our ADA-friendly site, please click here

Security Analyst

📁
Information Technology
💼
Corporate
COMPANY OVERVIEW
For over a century, Neiman Marcus Group has served the unique needs of our discerning customers by staying true to the principles of our founders:  to be the premier omni-channel retailer of luxury and fashion merchandise dedicated to providing superior service and a distinctive shopping experience in our stores and on our websites. Neiman Marcus Group is comprised of the Specialty Retail Stores division, which includes Neiman Marcus and Bergdorf Goodman, and our international brand, mytheresa.com.  Our portfolio of brands offers the finest luxury and fashion apparel, accessories, jewelry, beauty, and home décor. The Company operates more than 40 Neiman Marcus full-line stores in the most affluent markets across the United States, including U.S. gateway cities that draw an international clientele.  In addition, we operate 2 Bergdorf Goodman stores in landmark locations on Fifth Avenue in New York City. We also operate more than 40 Last Call by Neiman Marcus off-price stores that cater to a value oriented, yet fashion minded customer.  Our upscale eCommerce and direct-to-consumer division includes NeimanMarcus.com, BergdorfGoodman.com Horchow.com, LastCall.com, and CUSP.com.  Every day each of our 15,000 NMG associates works towards the goal of enabling our customer to shop any of our brands "anytime, anywhere, and on any device." Whether the merchandise we sell, the customer service we offer, or our investments in technology, everything we do is to enhance the customer experience across all channels and brands.
 

Summary of Responsibilities:

The Security Analyst is responsible for the planning, implementation, and maintenance of the security controls within the organization.   These activities include working directly with the security operation center to evaluate and escalate risk to the organization.   The analyst is responsible for partnering with the security and compliance organizations to make recommendations on the next steps required to reach a higher maturity level within the organization.  In addition, the role will be responsible for defining, implementing, and maintaining the security standards for the organization. 

Essential Functions                              

  • Security Controls – Utilize the security tools within the organization such as Proofpoint, CrowdStrike, and McAfee to enhance the security posture of the organization

  • Security Assessment – Maintain and improve the current dynamic and static code analysis tools within the organization.

  • Compliance – Ensure all associates working on PCI/SOX systems have performed security training.

  • Privileged Request – Evaluate all privileged access request and firewall request within the organization to ensure the request is in line with the organization standards.

  • Vendor/Tool Selection – Partner with the vendor management office to perform evaluations of new vendors and tools within the organization to ensure proper risk mitigation.

  • Standards – Create or review the organization standards to ensure security practices are clearly outlined for the organization. 

  • Incident Response – Partners with the security operations staff to assist with incident response.  This will include evaluation of risk to the environment based upon information gathered from the security tools of the organization.

  • Vulnerability Scanning – Run penetration testing of the applications and infrastructure and make recommendations on remediations.

Requirements:

The ideal candidate will possess the following:

  • Bachelor’s degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering or related field(s) or equivalent demonstrated work experience.

  • 3-5 years of experience in the areas of Information Technology, Information Security.

  • CISSP required. Other certifications preferred

Technical Knowledge

  • Strong working knowledge of:

    • End point security solutions, IDS/IPS, Firewalls, Web Application Gateways, Logging and Monitoring (ex. Splunk), mail gateways, vulnerability management systems (ex. Rapid 7, Nessus, Qualys)

  • Control frameworks and control objectives

  • Cloud Computing (AWS, GCP, Azure)

  • Operating systems, databases and middleware components

  • Working knowledge of hardening standards for operating systems etc

Work Environment Characteristics

  • Self-motivated and results-oriented, including ability to prioritize conflicting demands.

  • Exceptional organizational skills to balance work and lead projects.

  • Strong verbal and written skills

  • Strong initiative, consensus-building and ability to collaborate directly and build strong relationships with a variety of internal and external stakeholders (business, development, compliance, etc.)

  • Ability to adapt and apply information to new scenarios and technologies

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Corporate

Irving, Texas

📁 Information Technology

Corporate

Irving, Texas

📁 Information Technology

Corporate

Irving, Texas

📁 Information Technology

Los Angeles and San Francisco Applicants: Neiman Marcus will consider for employment qualified applicants with criminal history as required by applicable law.
If you have a disability under the Americans with Disabilities Act or similar law, and you need assistance in accessing our Career Center or wish to discuss potential accommodations related to applying for employment at our Company, please contact ApplicantSupport@NeimanMarcus.com.
To listen to an audio clip of this information, click HERE.