Senior Security Analyst Fraud & Abuse

Bath & Body Works•Gahanna, OH

50d

About The Position

Cyber Security sits within the Information Technology team as an integral part of the Bath & Body Works business. As an individual contributor focused on the intersection between fraud and security, you will form an end-to-end perspective of fraudulent activity across the enterprise. This will allow you to monitor daily operations, deliver extensive attack/response playbooks, propose policy or security changes, and monitor the effectiveness of fraud prevention solutions. You will work extensively with internal and external business and technology partners from entry-level to senior executives in all areas of the business. If you love tackling challenges, helping grow programs, and fostering collaboration, this is the role for you.

Requirements

7-10 years of experience in a fast-paced e-commerce fraud or security role
Comfortable using SQL/KQL to manipulate large data sets from multiple sources
Proven results using data to tell stories that compel change
Ability to ensure operational integrity and operate within business SLAs
Deep knowledge of human behavior as it relates to behavior modification and operating steps ahead of attackers
Hands-on experience with proxy and testing tools such as Burp Suite (or similar application security testing tools) and Postman (or similar API testing tools) to inspect, modify, and replay HTTP/S requests, and analyze network traffic, specifically for the purpose of identifying fraud vectors and abuse.

Nice To Haves

Ability to document and reproduce end-to-end attacks
Experience with Python, PowerBI, or other data analysis tools
CFE, GWAPT, GWEB, ASCP, C-APIPen, AML, ISO 31000, or other certifications related to financial fraud, security, or risk management
Investigation exposure including but not limited to: API abuse, Loyalty abuse, promotional abuse, account takeover, gift card fraud, unauthorized reseller/re-shipper, supply chain fraud, refund fraud, customer support policy abuse, synthetic accounts, social media-driven attacks, bot attacks

Responsibilities

Develop and maintain Fraud Investigation policies and response/attack playbooks
Research novel industry fraud attacks and perform root cause investigation on emerging attacks
Join data from different sources to investigate and scope at scale
Author detection capabilities that allow the business to prevent revenue loss due to fraud
Foresee the fraud risks associated with policy, process, or tool changes
Monitor and investigate active fraud vectors
Propose security changes for the purpose of preventing fraud

Benefits

Robust medical, pharmacy, dental and vision coverage. Plus, access to our onsite wellness center and pharmacy located at the Columbus, OH home office.
401k with company match and Associate Stock Purchase with discount
No-cost mental health and wellbeing support through our Employee Assistance Program (EAP)
Opportunity for paid time off and paid parental leave. Plus, access to family and lifestyle programs including a family building benefit, childcare discounts, and home, auto and pet insurance.
Tuition reimbursement and scholarship opportunities for post-secondary education programs
40% merchandise discount and gratis that encourages you to come back to your senses!

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume