Senior Security Analyst

Louisiana-Pacific Corporation (LP Building Solutions) is a leading provider of high-performance building solutions that meet the demands of builders, remodelers, and homeowners worldwide. We manufacture engineered wood building products that include an extensive offering of innovative and dependable building materials and accessories. LP’s values-driven culture creates an environment where talented and hardworking people thrive in an ethical, inclusive, challenging, and rewarding place to work. Since our founding in 1972, we’ve developed careers and provided advancement opportunities in the building products industry. Headquartered in Nashville, Tennessee, LP operates more than 20 facilities across North and South America. For more information, visit LPCorp.com.

Job Purpose

This position is responsible for collaborating across IT to implement Louisiana Pacific’s Information Security program. The primary goal of the program is to protect the confidentiality, integrity and availability of information resources while aligning to business goals and objectives. This position will serve as the IT security subject matter expert for designated security tasks and projects within technology and operations teams at Louisiana Pacific.

We’d love to meet you if... 
… you’re energized by big challenges and creating a plan to meet the challenge 
… you enjoy working with others to deliver great work 
… you’re innovative and looking for a values-driven, positive culture and environment

In this position you will have the opportunity to:

• Develop and implement a methodology for assessing log sources and event codes for SIEM ingestion, ensuring alignment with the MITRE attack framework.
• Evaluate new technology logging and event capabilities, identifying and mapping risk alerting for new tools to frameworks like MITRE. Collaborate with the MSP vendor for successful implementation.
• Propose criticality alert ratings for all security alerts, providing a structured approach to prioritize responses based on severity.
• Assist in setting standards for server, workstation, and common tools configuration, with a specific emphasis on firewall configurations.
• Contribute to the rollout and implementation of IT Security processes, methods, and tools, focusing on assessing risk levels and enhancing technology tool logging.
• Provide suggestions for correlating logs from different sources and develop initial procedures for responding to security alerts.
• Collaborate with the MSP to evolve and improve alerting and event correlation. Stay informed about new environmental threats and support security engineers in mitigating emerging risks.
• Actively participate in the development, implementation, and enforcement of corporate-wide security policies, procedures, and standards. Contribute to the evaluation of new technologies, ensuring alignment with organizational security needs, and assist in designing procedures for security policy compliance as requested by functional teams.

What do I need to be successful?

• 3+ years of experience in IT Security, including firewalls, intrusion detection/prevention systems, EDR solutions and other related technologies. Hands-on experience with SIEM tools, network security protocols and vulnerability management is crucial.
• Proven experience in incident response, with the ability to analyze and address security incidents promptly.
• Strong skills in risk assessment and mitigation strategies.
• Skills in developing, implementing, and enforcing security policies and procedures.
• Demonstrated knowledge of current and emerging threats and technology.
• Immersion in IT Security concepts and practices, specifically as it relates to Threat Monitoring, through 3-5 of years practical experience.
• Demonstrated knowledge of current and emerging technology – especially Splunk, Crowdstrike, Palo Alto, Proofpoint, Azure and M365
• Knowledge of IT security concepts and best practice, specifically MITRE framework.
• Research and troubleshooting skills.
• Strong communication and consensus building skills.
• Strong written and verbal communication skills.
• Ability to learn and apply new technologies.
• Or any combination of experience and training that demonstrates the ability to perform the key responsibilities of this position.

Education

• Bachelor’s degree in Computer Science or related field
• Security certifications (Security+, CASP+, SANS) a plus but not required.

Work Environment

• This position will work at home and in our Nashville office on a hybrid schedule
• Must be within a commutable distance to Nashville or willing to relocate to the greater Nashville area

#LI-HYBRID

LP offers competitive salaries and comprehensive benefits and programs including health and welfare benefits, 401(k) program, career mobility, tuition reimbursement, volunteer opportunities, profit sharing and more.