Sr. IT Security Analyst

American Eagle Outfitters•Pittsburgh, PA

2d•Hybrid

About The Position

American Eagle is a youth culture brand grounded in denim. Our purpose extends beyond making the best jeans–we embrace self expression, culture, optimism and connection. Through the brand platform Live Your Life, we empower our community to be who they want to be all while wearing the clothes that make them most confident. Our Senior IT Security Analyst, within the Security Operations group, ensures proper configuration standards are met and sustained in compliance with security policy, procedures, standards, and industry requirements/best practices. You will have the opportunity to implement and maintain cybersecurity controls including endpoint detection and response, identity protection, data loss prevention, security automation, application security testing, next generation firewalls, container security and automated compliance tools. Additionally, you will get to perform cybersecurity monitoring of American Eagle Outfitter’s cloud environments ensuring proper monitoring coverage that correlates with internal security operations and processes. If you want to focus on building secure solutions in a dynamic retail environment and are passionate about using your analytical skills to solve meaningful problems, AEO has a phenomenal opportunity for you.

Requirements

Bachelor’s degree or equivalent work experience required.
Five years of enterprise cloud (IaaS, PaaS, SaaS) experience, IT cloud security experience preferred.
Experience with Endpoint Detection and Response and Identity Protection.
Experience with data loss prevention tools including implementations for endpoint and cloud environments.
Experience with deception technologies including design, implementation and management.
Experience with cloud security posture management (CSPM) and cloud workload protection (CWP) tools.
Experience with Google Cloud Org Policies and/or Azure Policy and/or AWS Service Control Policies.
Deep knowledge regarding clouding networking, such as routing, traffic filtering (firewalls), load balancing, etc… for GCP VPCs and/or Azure VNETs and/or AWS VPCs.
Experience with container security including actual container workloads and Kubernetes engine.
Experience working IaC, such as Terraform and/or Azure Resource Manager templates and/or AWS CloudFormation Stacks.
Experience in hardening Google Workspace tenants.
Experience with Microsoft Active Directory, Azure AD and other cloud identity technologies.
Strong ability to critical think and solve problems.
Experience with threat detection and incident response in cloud and on premise environments.
Advise stakeholders and translate business requirements into secure, scalable, and reliable cloud solutions.
Complete security reviews and assessments with developers, operations, and infrastructure teams.
Partner with system engineering / DevOps to assess and reduce cloud security risks.
Assist with documentation of organizational security standards, processes, and governance model.
Knowledge of host hardening, auditing, logging, monitoring, network security, and anomaly detections.
Understanding of industry trends for cybersecurity risk & threat intelligence, and governance.
Assist with implementation and improvements of Cloud Security Operations capabilities within existing organizational support structure.
Assist with configuration of sending cloud logs to SIEM tool and creating rules for alerting on suspicious events.

Nice To Haves

Proficiency in ML frameworks, data analytics, and automation scripting.
Ability to interpret AI findings and conduct proactive threat hunting.
Understanding of AI risk frameworks (e.g., NIST AI RMF, ISO 42001).
Specialized in defending against AI-powered threats, such as deepfakes and advanced phishing.
Familiarity with Next Generation SIEM platforms.
Application Security Testing tools including static, dynamic, interactive and software composition analysis.
IT Security certifications, such as CISSP, GIAC, etc. are preferred.
Direct hands-on experience designing and implementing security with Google Cloud Platform and/or Microsoft Azure and/or AWS for both IaaS and PaaS offerings.
Cloud certifications, such as CCSP, AWS CSA, Google Cloud Professional, Microsoft’s Azure Solutions Architect is preferred.
Experience with DevOps and CI/CD tooling.
Experience in hardening Microsoft Office 365 tenants.
Knowledgeable with CSA CCM security framework and CIS Benchmarks for Cloud.

Responsibilities

Configure, implement, monitor and support cybersecurity systems and controls supporting.
Configure security tools for logging /monitoring, and growing coverage of existing tools.
Make recommendations to management on enhancements to existing and new security software or related tools.
Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current toolsets.
Help implement and maintain next-generation enterprise protection tools malware detection technologies.
Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration, and implementations.
Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks.
Partner with various business units to enhance security policies/procedures.
Create and maintain data security documentation, policies, and procedures.
Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environment.
Responsible for providing support during off hours for security.
All other duties as assigned.