Information Security Analyst - Bolingbrook - IL

Company Overview

S&S Activewear is the leading wholesaler to the imprintable apparel and uniform market in the United States and Canada. Since 1988, we’ve provided high-quality, imprintable apparel to our broad wholesale customer base. We offer high-quality apparel that allows your customers to express their creativity through wearable art through concert merchandise, school & team apparel, marathons and fun runs company stores, theme park gift shops and everyone in between!

Today, we offer the most extensive and accessible collection of fashion-forward styles around. And we get you the goods fast. We operate eight nationwide distribution centers—that’s 4 million square feet of efficient warehouse space—and uniquely offer the largest one & two-day distribution footprint in the industry, with its products reaching 99% of the U.S., Canada, and Puerto Rico within two days and 44 states in just one day.

We offer more than 100 brands, including Adidas, Champion, Columbia, Dickies, Fruit of the Loom, Gildan, Oakley, Richardson, Tommy Hilfiger, etc. 

We have grown from a successful midwestern t-shirt and fleece distributor into an industry leader with approximately $2.5 billion in annual sales. In March 2021, Clayton, Dubilier & Rice (“CD&R”) acquired S&S Activewear. CD&R believed S&S to be a leading distribution platform with sustainable competitive advantage following significant strategic investments in its geographic reach, people, and technology.

About Clayton, Dubilier & Rice

Clayton, Dubilier & Rice (CD&R) is all about investing with a purpose. They're a private investment firm that really focuses on turning companies into stronger, more profitable versions of themselves. From the beginning they have overseen the investment of over $35 billion across 100 different companies, and those deals add up to a total value of more than $150 billion. The CD&R firm has offices in both New York and London.

Job Description

S&S Activewear is seeking a motivated security professional to join our team as an IT Security Analyst.  In this role you will help maintain the firm’s cyber security and compliance posture while advising on security controls and toolsets.  This is a hands-on role reporting to the Director of IT and Cyber Security where your efforts make a real difference for the firm.  

The position is a hybrid role located in Bolingbrook, Illinois.

Benefits

• Vacation, Personal, and Sick time
• Medical, Dental, Vision, Life Insurance, Short/Long term disability
• Flexible Spending Account
• 401K with 3% company contribution
• Discounts on brand name apparel
• Employee events
• Opportunities for advancement 

Duties & Responsibilities

Maintain Firm’s Security Posture:

• Utilize breach and attack simulation technologies to validate security controls.
• Employ vulnerability scanning tools to assess internal and external risk exposure.
• Participate in planning and scoping for third party penetration tests.
• Manage the firm’s phishing training program.
• Participate in the creation of security baselines.
• Participate in change management validating baseline exceptions.

Incident Resolution Coordination:

• Utilize Microsoft Defender to respond to and investigate events and incidents.
• Investigate findings in AWS Guard Duty.
• Lead tabletop discussions with relevant scenario personnel.
• Prepare and present reports on security incidents.

Third Party Risk Management:

• Be the liaison for the third-party security operations center.
• Coordinate risk assessments and monitoring of third-party vendors.

Compliance Monitoring:

• Support internal assessments and compliance tracking.
• Coordinate audits to confirm firm’s compliance standards.
• Work with leadership to plan remediations for out of compliance resources.

Requirements

• 2-3 years of experience in an Information Security role.
• Previous experience with Auditboard or other GRC or TPRM tools.
• Experience in investigating and remediating alerts and incidents in Microsoft Defender for Endpoint.
• Experience analyzing vulnerabilities in tools such as Qualys, Clover, or Microsoft Defender for Endpoint.
• Experience managing or performing assessments on Microsoft Active Directory and Microsoft Entra Id.
• Experience with baseline security configurations in MDM tools such as Microsoft Intune.
• Experience with PowerShell is a plus.
• Experience with vulnerability scanning tools such as Nessus or Tenable.io.
• Industry certifications preferred – CompTIA Security+, CompTIA CySA+, ISC2 CC, ISC2 SSCP.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk or hear. 

Working Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions. S&S has a remote work policy which provides for employees to be in the office Mondays, Wednesdays and Fridays and work from home on Tuesdays and Thursdays.

S&S Activewear welcomes people of all backgrounds and experiences and are committed to creating a diverse culture and supporting human growth. We are proud to be an equal opportunity employer and committed to providing equal opportunity for all employees and applicants. We conduct business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. Our policy is to recruit, hire, train, promote, assign, transfer, and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons. S&S participates in E-Verify and will provide the federal government with your Form I-9 information to confirm you are authorized to work in the U.S.  This job offer is contingent upon the completion of a satisfactory background check.