Information Security Analyst - Bolingbrook - IL
Bolingbrook, IL, US
S&S Activewear
Company Overview
S&S Activewear is the leading wholesaler to the imprintable apparel and uniform market in the United States and Canada. Since 1988, we’ve provided high-quality, imprintable apparel to our broad wholesale customer base. We offer high-quality apparel that allows your customers to express their creativity through wearable art through concert merchandise, school & team apparel, marathons and fun runs company stores, theme park gift shops and everyone in between!
Today, we offer the most extensive and accessible collection of fashion-forward styles around. And we get you the goods fast. We operate eight nationwide distribution centers—that’s 4 million square feet of efficient warehouse space—and uniquely offer the largest one & two-day distribution footprint in the industry, with its products reaching 99% of the U.S., Canada, and Puerto Rico within two days and 44 states in just one day.
We offer more than 100 brands, including Adidas, Champion, Columbia, Dickies, Fruit of the Loom, Gildan, Oakley, Richardson, Tommy Hilfiger, etc.
We have grown from a successful midwestern t-shirt and fleece distributor into an industry leader with approximately $2.5 billion in annual sales. In March 2021, Clayton, Dubilier & Rice (“CD&R”) acquired S&S Activewear. CD&R believed S&S to be a leading distribution platform with sustainable competitive advantage following significant strategic investments in its geographic reach, people, and technology.
About Clayton, Dubilier & Rice
Clayton, Dubilier & Rice (CD&R) is all about investing with a purpose. They're a private investment firm that really focuses on turning companies into stronger, more profitable versions of themselves. From the beginning they have overseen the investment of over $35 billion across 100 different companies, and those deals add up to a total value of more than $150 billion. The CD&R firm has offices in both New York and London.
Job Description
S&S Activewear is seeking a motivated security professional to join our team as an IT Security Analyst. In this role you will help maintain the firm’s cyber security and compliance posture while advising on security controls and toolsets. This is a hands-on role reporting to the Director of IT and Cyber Security where your efforts make a real difference for the firm.
The position is a hybrid role located in Bolingbrook, Illinois.
Benefits
- Vacation, Personal, and Sick time
- Medical, Dental, Vision, Life Insurance, Short/Long term disability
- Flexible Spending Account
- 401K with 3% company contribution
- Discounts on brand name apparel
- Employee events
- Opportunities for advancement
Duties & Responsibilities
Maintain Firm’s Security Posture:
- Utilize breach and attack simulation technologies to validate security controls.
- Employ vulnerability scanning tools to assess internal and external risk exposure.
- Participate in planning and scoping for third party penetration tests.
- Manage the firm’s phishing training program.
- Participate in the creation of security baselines.
- Participate in change management validating baseline exceptions.
Incident Resolution Coordination:
- Utilize Microsoft Defender to respond to and investigate events and incidents.
- Investigate findings in AWS Guard Duty.
- Lead tabletop discussions with relevant scenario personnel.
- Prepare and present reports on security incidents.
Third Party Risk Management:
- Be the liaison for the third-party security operations center.
- Coordinate risk assessments and monitoring of third-party vendors.
Compliance Monitoring:
- Support internal assessments and compliance tracking.
- Coordinate audits to confirm firm’s compliance standards.
- Work with leadership to plan remediations for out of compliance resources.
Requirements
- 2-3 years of experience in an Information Security role.
- Previous experience with Auditboard or other GRC or TPRM tools.
- Experience in investigating and remediating alerts and incidents in Microsoft Defender for Endpoint.
- Experience analyzing vulnerabilities in tools such as Qualys, Clover, or Microsoft Defender for Endpoint.
- Experience managing or performing assessments on Microsoft Active Directory and Microsoft Entra Id.
- Experience with baseline security configurations in MDM tools such as Microsoft Intune.
- Experience with PowerShell is a plus.
- Experience with vulnerability scanning tools such as Nessus or Tenable.io.
- Industry certifications preferred – CompTIA Security+, CompTIA CySA+, ISC2 CC, ISC2 SSCP.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk or hear.
Working Environment
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions. S&S has a remote work policy which provides for employees to be in the office Mondays, Wednesdays and Fridays and work from home on Tuesdays and Thursdays.
S&S Activewear welcomes people of all backgrounds and experiences and are committed to creating a diverse culture and supporting human growth. We are proud to be an equal opportunity employer and committed to providing equal opportunity for all employees and applicants. We conduct business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. Our policy is to recruit, hire, train, promote, assign, transfer, and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons. S&S participates in E-Verify and will provide the federal government with your Form I-9 information to confirm you are authorized to work in the U.S. This job offer is contingent upon the completion of a satisfactory background check.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Audits AWS Compliance CompTIA Monitoring Nessus PowerShell Qualys Risk assessment Risk management SOC SSCP Vulnerabilities
Perks/benefits: 401(k) matching Career development Flex hours Flexible spending account Flex vacation Gear Health care Insurance Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs