Cybersecurity Risk Analyst - Bellevue
Posted Date: Nov- 2-2018
Job ID: 12294
Job Type: Full Time
Job Function: Legal
Store: Eastgate Headquarters
What's cool about this job
As the Cybersecurity Risk Analyst, you will be in charge of conducting threat analysis related to projects, evolving lines of business, and in response to ad hoc requests. You will need to understand the tactics, techniques and methods of the newest advanced threats relevant to REI, including those presented by cybersecurity criminals, advanced persistent threats (APT), hactivists, insiders, or other nefarious actors. You will conduct Threat Assessments and analysis of threats within the context of the Co-op’s cyber landscape, assess the level of cybersecurity risk, and recommend appropriate mitigation countermeasures. You will collect, process, analyze, and disseminate cyber threat assessments, and maintain an updated risk registry tracking threats and threat countermeasures for the organization. The position will require working in a collaborative environment to help lower cybersecurity risk across the Co-op. The Cybersecurity Risk Analyst will work with Privacy, Compliance, Third-Party, Business Owners, and their IT Partners as part of an internal service model that allows the business to track, manage, and mitigate key information security risks and maintain alignment with the Co-op’s overall cybersecurity threat management strategy. This is not an operational security role.
- Perform cyber defense and cyber threat trend analysis as part of a cross-functional security and privacy risk management team.
- Perform Threat Assessments as a part of the Enterprise Security Risk Assessment process.
- Create and maintain appropriate documentation and artifacts for security, risk management, compliance, and business audiences.
- Track and update security risks as part of a comprehensive information security risk management program (e.g., threat, vulnerability, and probability of occurrence).
- Cull data from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze the Co-op’s digital footprint and identify trends for the purpose of mitigating enterprise-level threats.
- Clearly and articulately communicate the value of information security throughout all levels of the organization.
- Develop threat models based on interviews and requirements from internal business owners.
- Assess effectiveness of cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple levels of data.
- Develop cybersecurity countermeasures and risk mitigation strategies for complex and interrelated systems.
- Document and address organization's information security, cybersecurity architecture, and systems security requirements throughout the technology acquisition life cycle.
- Draft statements of preliminary or residual security risks for system operations
Bring your passion and expertise
- Bachelor’s degree in computer science, math, or engineering, or 5+ years training and experience in the cybersecurity field.
- Certificates in key cybersecurity areas of defense (i.e. GSEC, GISF, GMON and/or GCCC).
- Experience in security risk management, analysis and/or compliance.
- Functional understanding of computer networking activity concepts and protocols, and network security methodologies.
- Functional understanding of network protocols such as TCP/IP, Dynamic Host Configuration, DNS, and directory services.
- Experience and background in network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
- Skilled in assessing security controls based on cybersecurity principles and tenets.
- Skilled in collecting data from a variety of cyber defense resources.
- Skilled in evaluating the adequacy of security designs.
- Skilled in both written and verbal communications to technical and non-technical stakeholder audience
Why you'll love it here
We’re a passionate community of people who believe in one simple truth: an outdoor life is a life well-lived. REI is a co-op, born in the mountains of the Pacific Northwest in 1938. We’re here to help our over 6 million active members have amazing experiences outside—and do the same ourselves. Bring your creativity, customer focus and enthusiasm for living life outdoors—we can’t wait to meet you!
At REI we offer an enviable work environment that has been recognized on the "100 Best Companies to Work For" list since the award's inception – 20 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.
With more than 140 retail locations (and growing), REI offers unique competitive benefits to its more than 12,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.
REI is an Equal Opportunity Employer