Sr Cybersecurity Analyst

About The Position

Requirements

• Knowledge of advanced cybersecurity concepts, including threat intelligence, penetration testing, and advanced attack techniques
• Skilled in cybersecurity regulations and standards, such as GDPR, HIPAA, and industry-specific compliance requirements
• Skilled in advanced threat detection methods and tools, as well as the ability to analyze and respond to complex threats
• Skilled in guiding incident response efforts, including managing complex incident investigations and coordinating teams
• Skilled in conducting in-depth vulnerability assessments and penetration testing to identify and address security weaknesses
• Ability to provide strategic insights into emerging threats, technologies, and best practices and shape the organization's cybersecurity strategy
• Ability to lead risk management efforts and develop effective strategies for identifying, assessing, and mitigating cybersecurity risks
• Skilled in effective collaboration and communication to work effectively with cross-functional teams, stakeholders, and external partners
• Ability to develop and enforce security policies, standards, and procedures, ensuring compliance and comprehensive security controls
• Ability to foster a security-aware culture within the organization, promoting cybersecurity awareness and knowledge-sharing among team members and stakeholders
• Required: High School Diploma or GED
• Required: Bachelor's degree in Computer Science, Engineering, Information systems or similar fields of study or equivalent advanced level experience
• Required: Advanced-level experience, seasoned and specialized knowledge in cybersecurity principles and concepts, developing skills and knowledge in information technology (IT) operations, programming, systems/software development or another IT related field
• Ability to perform work duties from [limited space work station/desk/office area] for extended periods of time
• Ability to communicate and interact with others in the English language to meet the demands of the job
• Ability to use a computer and other office productivity tools with sufficient speed and accuracy to meet the demands of the job
• Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines
• Must be a U.S. citizen or have authorization to work in the United States as defined by the Immigration Reform Act of 1986
• Must be at least 18 years of age
• Must be able to comply with Company attendance standards as described in established guidelines
• Must be able to travel and /or attend Company and non-Company facilities and remote locations such as remote-based offices as necessary

Nice To Haves

• Preferred: Experience in Cloud (AWS), EDR (such as CrowdStrike), SIEM
• Preferred: Experience in performing log analysis and Digital Forensics
• Preferred: Advanced knowledge of global privacy regulations (e.g., GDPR, CCPA/CPRA, LGPD, HIPAA), including experience interpreting regulatory requirements and applying them to data privacy incident response processes
• Preferred: Proven experience leading complex data privacy incidents from detection through resolution, including familiarity with forensic analysis, containment strategies, and root cause investigations
• Preferred: Strong understanding of data governance and lifecycle management, including data classification, retention policies, and secure disposal practices
• Preferred: Demonstrated executive presence and communication skills, with the proven ability to deliver executive briefings and present complex technical and regulatory incident information to technical and non-technical audiences, including executive and senior leadership
• Preferred: Ability to manage multiple concurrent incidents with varying priorities, exercising strong organizational skills and delegating effectively when appropriate
• Preferred: Ability to operate effectively in high-pressure situations, communicate clearly with internal and external stakeholders, and contribute to or draft public statements or regulatory disclosures
• Preferred: Deep understanding of global privacy laws and frameworks (e.g., GDPR, CCPA, LGPD, HIPAA).

Responsibilities

• Provide advanced technical expertise and leadership in cybersecurity, contributing to the identification and resolution of complex cybersecurity issues across various domains such as Incident Response, Threat Intelligence, Governance, Risk, and Compliance (GRC), Privacy, Vulnerability Management, and Engineering Operations
• Lead and coordinate complex incident response efforts, overseeing the identification, containment, and resolution of sophisticated security incidents, and providing mentorship to junior and mid-level analysts
• Champion advanced threat intelligence initiatives, including the development of threat hunting strategies, proactive identification of emerging threats, and the implementation of innovative solutions to enhance the organization's security posture
• Take ownership of the organization's vulnerability management program, developing and implementing advanced strategies for identifying, prioritizing, and mitigating vulnerabilities, and providing expert guidance to analysts at all levels
• Architect and lead the optimization of the organization's security infrastructure, ensuring the implementation of cutting-edge cybersecurity controls and practices, and providing strategic direction for the organization's evolving security architecture
• Drive the maturity of GRC initiatives, providing expert guidance on compliance matters, shaping policies and procedures, and ensuring a proactive and comprehensive approach to governance, risk, and compliance
• Serve as the primary authority on privacy matters, overseeing the organization's privacy program, and ensuring the effective implementation and continuous improvement of privacy controls in line with evolving regulations
• Lead advanced research and development efforts in cybersecurity, staying at the forefront of emerging technologies, and driving innovation in security practices to stay ahead of evolving cyber threats
• Mentor and coach junior and mid-level cybersecurity analysts, providing guidance on complex technical and strategic challenges, and contributing to the professional development of the cybersecurity team
• Foster strong collaboration across the organization, engaging with senior leadership, cross-functional teams, and external stakeholders, and representing the cybersecurity function at a strategic level
• May perform other job duties as directed by Employee's Leaders

Benefits

• Fly for free, as a privilege, on any open seat on all Southwest flights (your eligible dependents too)
• Southwest will help fund your Retirement Savings Plan with Company contributions up to 9.3% of your eligible earnings
• Potential for annual ProfitSharing contribution in the Southwest Retirement Savings Plan- when Southwest profits, you profit
• Competitive health insurance for you and your eligible dependents (including pets)
• Southwest offers health plan coverage options that start from the very first day of employment. You will have 30 days to select and enroll in your health plan with coverage retroactively available to your first day of employment.