Job Details

Analyst - IT Security (Data Protection)


Date Opened: 09/18/2018

Job Type:

Job Number: 18000ADS

Job Description

Company Description

Hudson's Bay Company (HBC) is coming to India! We are in the process of setting up an integrated Global In-House Center, (GIC), in Bangalore to build a corporate team who will play an important role as HBC executes its strategic plan. This center will house several hundred highly talented individuals in the first two years and the office has potential to expand as the business grows. We will begin to build our team in Bangalore focused on Information Technology, Information Security, Finance and Accounting, in addition to Merchandising Operations and may then scale the operations to build capabilities in various other functions.

Hudson's Bay Company is one of the fastest-growing department store retailers in the world. In North America, HBC's leading banners include Hudson's Bay, Lord & Taylor, Saks Fifth Avenue, Gilt, Saks OFF 5TH, Find @ Lord & Taylor, and Home Outfitters. In Europe, HBC's banners include GALERIA Kaufhof (the largest department store group in Germany), Galeria INNO (Belgium's only department store group), and Sportarena. At HBC we are a company of adventurers who explore uncharted territory, challenge convention, and work with imagination and fun.

Reporting Relationship: The Analyst, IT Security will directly report into the Manager, ITSecurity.

Major Responsibilities

The Analyst, IT Security will be accountable for the safety of HBC's data and systems depending on the team's area of focus. This role will be responsible for protecting HBC's digital assets and information. The IT Security Analyst will provide technical excellence in analysis, decision making, design, implementation and support of solutions. They will partner with other business functions to identify risks, architect solutions, track and communicate milestones and deliverables, etc. to mitigate security risks while optimizing overall cost of security.

Role responsibilities include:

  • Experience with data classification and database security solutions, including DAM, native encryption, and third party encryption

  • Knowledge of DLP, including network and endpoint solutions

  • Experience with metadata management and data tagging technologies

  • Evaluates and anticipates the impact of technical solutions on security's objective and provide recommendations and architect sound solution that meets business and corporations objective.

  • Minimizes security defects in the organization and assists in resolution of complex security problems, which may include on-call support on rotating basis

  • Establishes and optimizes security team's performance by enhancing the alignment between business processes and business objectives

  • Identifies and performs complex process analysis functions, documents and executes existing processes, performs complex gap analysis between current and desired state, makes recommendations, performs and leads new process design

  • Prioritizes workload and accomplishes assignments on time, ensuring deliverables are high quality

  • Identifies and timely escalates issues and risks to quality completion of tasks; provide recommendations and assist in mitigation of risks

  • Experience with developing Java applications and Web applications

  • Experience with LDAP, XML, XSD, Schematron, XML encryption, Cryptographic Message Syntax, ASN.1, JSON, Avro, or other data encoding standards

Personal Characteristics

The successful candidate should be a respected and proven with a quantifiable track record of success in delivering results within a large complex organization.  He/she must have the ability to quickly assess a new environment and develop solutions that support the business strategy, critical objectives, and cultural norms. He/she must be creative with a strategic mindset along with the ability to turn concepts into action. He/she must have strong relationship building and influence skills, strong verbal, written communication skills and strong analytical and diagnostic skills.

Job Qualifications

Professional Qualifications:

  • 6+ years or greater in Information Security domain

  • Experience securing enterprise-scale systems

  • Knowledge of Security standards (NIST/PCI DSS/ISO)

  • Ability to define and optimize business processes/procedures

  • Broad technical knowledge of system architectures, network elements and protocols, and system software

  • Strong direct technical experience in the field of IT security including hands on experience using security tools, penetration testing, and current/emerging threats in the vulnerability/exploit community

  • CISSP/Security+/GSEC preferred

  • PMP/CAPM, CISM or CISA, ITIL Foundation or Practitioner a asset

Must also have experience with at least one of the following:

  • Provisioning/de-provisioning system access controls and tools, e.g., oracle identity, okta, centrify, cyberark, etc.

  • Security incident management and remediation controls and tools, e.g., qradar, splunk, etc.

  • Antimalware, digital certificates, penetration testing, security and compliance management, encryption standards, firewall rule management, etc.

  • Understand and be able to create, implement and direct project plan execution with known project planning methodologies to guide infrastructure projects to successful completion.

Educational Credentials:

BS Degree in a  Technical Curriculum

Office Hours

Shifts can vary based on organizational needs