Share this Job

Security Analyst

Posting Date: May 12, 2022

Location: Tyler, TX

Company: Brookshire Grocery Company

Brookshire Grocery Company (BGC) is a family business based in Tyler, Texas, and currently operates more than 202 stores in three states – Texas, Louisiana, Arkansas, and Oklahoma – with three distribution centers and a corporate office. BGC prides itself on offering its partners one of the most comprehensive benefits packages in the industry which includes medical, prescription drug, vision, dental, paid time off, stock ownership, a 401k retirement plan, incentive plans, employee discounts, educational scholarships, and access to BGC’s 205-acre outdoor recreation area.

Job Summary

Plans, develops, and implements cybersecurity protection measures, governance controls, and procedures to guard company assets for data protection, compliance, and against unauthorized access.  Executes assigned tasks aligned to projects across all functions of the IT Security risk and compliance domain.  Coordinates and supports audit control testing, vulnerability management, security assessments and managed services. 

Essential Duties and Responsibilities

  • Provides knowledge transfers regarding cybersecurity vulnerabilities, risks, controls, and mitigation strategies to both technical and non-technical users.
  • Monitors and remains current on the latest cybersecurity trends, security risks and threats to provide governance and enhancement recommendations to align with enterprise risk tolerance.
  • Partners with IT control owners to design and implement controls that adhere to both regulatory requirements (PCI, HIPPA, etc.) and Company policies, while providing consistent, high quality, and auditable results.
  • Acts as the subject matter expert for the information security team by modeling behaviors consistent with cybersecurity best practices, while educating the business community and promoting security awareness.
  • Conducts, tracks, and measures the effectiveness of security awareness initiatives through periodic testing using simulated campaigns (i.e. phishing, vishing). 
  • Assists with the preparation of reports, metrics, and scorecards concerning information security initiatives.
  • Performs and/or coordinates periodic risk and security assessments, penetration testing, and vulnerability scanning/management oversight.
  • Assists in overseeing both internal and external audits by acting as liaison between auditors and control owners.  Participates in control walkthroughs, assists in gathering audit evidence requests, and coordinates follow-ups.
  • Coordinates and maintains required documentation to support IT controls and compliance readiness requirements. Ensures proper documentation of control narratives, evidence of control compliance, process flows, diagrams, operating procedures, matrices, and policies.

Essential Duties and Responsibilities

  • Continuously analyzes Company assets to identify gaps or vulnerabilities which may lead to security incidents and communicates prioritized risk strategies to management.
  • Works with third-party managed security services provider (MSSP) to perform real-time pro-active monitoring, alerting, logging, and tracking of security specific issues/concerns. Provides security solutions and communicates identified issues/problems to management.
  • Participates in multiple information security projects and department initiatives simultaneously. 
  • Assists with developing incident response procedural documentation, conducting simulated response tests and incident investigations.
  • Builds detailed project plans to be used as training materials to communicate key milestones, deliverables, and progress visibility for management.
  • Responds to after business hour phone calls and resolves problems as needed.

Knowledge, Skills and Abilities

  • Advanced knowledge of IT audit and/or compliance programs that adhere to established security frameworks.
  • Advanced knowledge of SAP reporting and transactional applications.
  • Advanced knowledge of Microsoft Office applications including Excel, Access, Word, Outlook and PowerPoint.
  • Intermediate knowledge of application security provisioning and governance technologies, authentication protocols, cloud security services, LDAP (Lightweight Directory Access Protocol), and domain structures. Basic mathematical skills.
  • Ability to learn new technology systems, methods and processes.
  • Ability to analyze complex technical information.
  • Ability to communicate effectively in written and verbal form.
  • Ability to research information, establish facts and draw valid conclusions.
  • Ability to comprehend and interpret information.
  • Ability to prepare reports and business correspondence.
  • Ability to reason, form concepts and recognize and solve problems.
  • Ability to show information in presentation or diagram form.
  • Ability to maintain confidentiality regarding sensitive information.
  • Ability to work on-call and flexible schedules including nights, weekends and holidays.
  • Ability to multi-task, organize, and plan work independently.
  • Ability to work in a rapidly changing environment.

Education, Experience, and Qualifications

  • Bachelor’s Degree in related field and four or more years of related experience; or an equivalent combination of experience and/or higher education required.

Physical Demands

  • Continuously required to use close vision, distance vision, depth perception or the ability to focus.
  • Frequently required to talk and hear.
  • Frequently required to use fine finger movements (ex. sorting and typing).
  • Frequently required to sit for long periods of time.
  • Occasionally required to use hands for reaching, touching or handling.
  • Occasionally required to push, pull, maneuver or lift objects up to 40 lbs.
  • Occasionally required to bend, kneel or squat.
  • Occasionally required to stand or walk.

Work Context and Environment

  • Work is generally performed in an office environment.
  • Quiet to moderate noise level.

Brookshire Grocery Company strives to provide a safe, drug free and alcohol-free environment for its partners and guests. The Company is an Equal Opportunity Employer and makes employment decisions without regard to race, color, religion, sex (including pregnancy, gender identity and sexual orientation), national origin, age (40 or older), disability, genetic information or military status and any other trait protected by law.

Nearest Major Market: Tyler