Sr Cybersecurity Ops Analyst

At DICK’S Sporting Goods, we believe in how positively sports can change lives. On our team, everyone plays a critical role in creating confidence and excitement by personally equipping all athletes to achieve their dreams.  We are committed to creating an inclusive and diverse workforce, reflecting the communities we serve.

If you are ready to make a difference as part of the world’s greatest sports team, apply to join our team today!

OVERVIEW:

In this role, the candidate will join the Company with 5-7 years of tangential or direct information security experience, with an IT background, and a strong passion for the cybersecurity field. Responsibilities include monitoring for and responding to potential cybersecurity incidents, helping to improve detection capabilities, learning DSG’s security toolsets and how they are applied across the environment, and mentoring more junior teammates. The role will support the business by working alongside other teammates to protect the Company, learning and using technologies to help detect and prevent cyberattacks, partnering with 3rd parties to evolve security capabilities, and leveraging internal and external training to further hone skills.

JOB DUTIES & RESPONSIBILITIES

Utilizes security tooling such as SIEM, EDR, and email gateways to detect and respond to potential cybersecurity incidents.

Identifies and escalates gaps in tooling coverage to engineering teams. Researches the latest cybersecurity threats and determines potential impact to DSG.

Follows and suggests enhancements to Standard Operating Procedures and playbooks. Participates in tabletop exercises and other training to enhance skills.

Partnering with teammates across all of Cybersecurity and Digital Trust and the larger Technology team, as well as 3rd parties who provide security services.

Learning new and existing security toolsets and best practices via internal and external training

Regularly review and update incident response plans and procedures to ensure their effectiveness and relevance.

Coaching and mentoring junior teammates

ADDITIONAL KNOWLEDGE, SKILLS, & ABILITIES

Required: extensive knowledge of modern operating systems, networking, and virtualization

Required: understanding of native OS logging mechanisms, for example: syslog, Sysmon, Windows Event Logs, etc.

Required: experience with modern security tooling (next-gen firewalls, SIEMs, endpoint defense, privileged access management, cloud-native tools, etc.)

Required: the desire to work with a talented, growing team of cybersecurity professionals

Nice to have: scripting capability in one or more languages (PowerShell, bash, Python, etc.)

Nice to have: experience with automation platforms

Nice to have: application security, DevSecOps, and/or experience with containers

PREFERRED LICENSES and/or SPECIALIZED TRAINING

Security+ (preferred not required)

GIAC (preferred not required)

CISSP (preferred not required)

QUALIFICATIONS:

Bachelor's Degree in Computer science, management information systems, cybersecurity, or equivalent experience

5 - 7 Years of experience in Security Operations, Windows, Linux, cloud, SIEM, EDR, firewalls, email gateways

#LI-CB1