At Bath & Body Works, everyone belongs. We are committed to creating a diverse, equitable and inclusive culture focused on delivering exceptional fragrances and experiences to our customers. We focus on recruiting, retaining, and advancing diverse talent where our associate population is as diverse as the communities we serve, live and work. In addition, we work to improve our communities and our planet in a way that will make us proud for years to come because we believe the world is a brighter, happier place when everyone has access to the things that make them happy.
The Senior Incident Response Analyst will lead the Detection, Response, and Remediation functions at Bath and Body Works (BBW). This role involves monitoring, analyzing, and managing security events to ensure BBW's global operations remain secure. The analyst will develop and implement strategic detection and prevention approaches, manage security platforms, and provide recommendations for improvements. Strong communication skills and the ability to remain calm under pressure are essential for success in this role.
Responsibilities:
Independently monitor and analyze security systems, including intrusion detection/prevention systems (IDS/IPS), antivirus software, and security information and event management (SIEM) tools for unusual activity. Conduct in-depth analysis of suspected security incidents, including determining the nature and scope of incidents. This includes analyzing logs, network traffic, and system data to identify the cause and impact of breaches. Prepare comprehensive incident reports for both technical and non-technical audiences. This includes documenting the incident timeline, identifying compromised data or systems, explaining incident resolution, and making recommendations for future prevention. Lead efforts with other teams to restore normal operations after incidents and implement changes to prevent similar incidents. This may include tasks such as patching software vulnerabilities, adjusting security settings, updating firewall rules, and resolving Cloud security posture management alerts. Manage, fine-tune, and automate detection rule sets in the organization’s security stack, with a strong emphasis on experience with Microsoft Sentinel and Google Chronicle. Qualifications 5+ years prior incident handling experience.Understanding of security controls and how they are used to detect and respond.
Knowledge of basic cryptography (TLS), common network protocols, edge routing technologies, firewall/IDS/IPS solutions, SIEM, EDR/XDR.
Preference for any pertinent security certifications:
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Network Forensic Analyst (GNFA)
GIAC Reverse Engineering Malware (GREM)
CompTIA: Security+
CompTIA: CySA+ (Cybersecurity Analyst)
Cisco: CCNA Cyber Ops
EC-Council: Certified Ethical Hacker (CEH)
Education: Bachelor’s Degree in Information Technology/Information Security or equivalent experience in technology.
Salary: 120k + Bonus
Core Competencies:
Lead with Curiosity & Humility Build High Performing Teams for Today & Tomorrow Influence & Inspire with Vision & Purpose Observe, Engage & Connect Strive to Achieve Operational Excellence Deliver Business ResultsBenefits
We invite you to join Gingham Nation, where we invest in our associates through competitive compensation, benefits, and development opportunities, so they can continue to be their best at work, at home, and in their communities. Benefits offered to eligible Bath and Body Works associates include a no cost mental health and well-being program, health coverage with a variety of plans to choose from, flexible and affordable saving programs, paid time off and a merchandise discount. Visit bbwbenefits.com for details.
View Benefits Information
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required.
We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws. Please see links: Los Angeles Fair Chance In Hiring Ordinance, Philadelphia Fair Chance Law, San Francisco Fair Chance Ordinance.
We are an equal opportunity and affirmative action employer. We do not make employment decisions based on an individual’s race, color, religion, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, marital status, pregnancy, genetic information, protected veteran status or any other legally protected status, and we comply with all laws concerning nondiscriminatory employment practices. We are committed to providing reasonable accommodations for associates and job applicants with disabilities. Our management team is dedicated to ensuring fulfillment of this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, associate activities and general treatment during employment. We only hire individuals authorized for employment in the United States.
Application window will close when all role(s) are filled.