Discover where good grows at Bob Evans Restaurants. We have an exciting opportunity to join the IT team as a Cybersecurity Analyst. This position is a hybrid remote role requiring a minimum of 3 days a week in our New Albany, Ohio restaurant support center. Apply today if you are seeking a robust and fulfilling cybersecurity position.
IT Cybersecurity Analyst
POSITION REPORT TO: Sr. Director of Cybersecurity & Infrastructure
POSITION LOCATION: Bob Evans Restaurant Support Center, New Albany, Ohio
Statement of Purpose:
The IT Cybersecurity Analyst will oversee the IT cybersecurity elements related to PCI 4.x, Sarbanes-Oxley (SOX), as well as internal audits and assessments. This position is responsible for various critical aspects of cybersecurity, including not limited to ensuring compliance with regulatory requirements, conducting training sessions to educate employees on cybersecurity best practices, running simulations to prepare for potential security incidents, responding effectively to any cybersecurity breaches, and actively hunting for threats within the organization's network. Other responsibilities include enhancing the cybersecurity posture of the organization by implementing robust security measures, identifying vulnerabilities, and developing strategies to mitigate risks.
Accountabilities
- Lead and manage our annual PCI 4.x compliance efforts, including audits and gap remediation.
- Work cybersecurity incidents and address exposure daily inside of Microsoft Defender 365, Sentinel SIEM solution, and Microsoft Purview.
- Utilize Microsoft Purview to manage DLP, Information Protection, Classification, Retention, and Information barriers in Microsoft 365 and Azure database/lakehouse and storage accounts.
- Collaborate with peer IT teams as they develop new features and address security requirements. Your extensive technical expertise will assist them in designing solutions resilient to current and future threats.
- Execute architecture, code, and application reviews to identify vulnerabilities. Work closely with each team to promptly and effectively resolve any identified issues.
- Oversee SOW completion, costs, and invoice resolution for assigned audits and security projects.
Knowledge
- A solid understanding of IT and cybersecurity architecture throughout the systems development lifecycle, including cloud security, requirements development, implementation, and maintenance.
- Proficient in cloud computing platforms encompassing IaaS, PaaS, and SaaS delivery models. Key technologies include Azure Applications, Firewalls, Microsoft365, Cloud Access, Private Access, and Conditional Access.
- Knowledgeable in system security exposure, vulnerabilities, and remediation techniques.
- Exceptional written and verbal communication skills, with the ability to present complex technical information clearly and concisely to diverse audiences.
- Demonstrates initiative and self-motivation to advance initiatives despite ambiguity and incomplete knowledge
- Strong sense of ownership, urgency, and drive. Proven teamwork skills and resourcefulness.
Education/Experience
- Bachelor's degree in Cybersecurity, MIS, CS, or related field, or equivalent work experience.
- Solid understanding of MS Defender 365, Endpoint Security, MS Sentinel, and Purview.
- Certification in progress or completion in Azure Security, CISSP, CCSP, or SSCP.
- Experience responding to security incidents, risks, and developing mitigation plans for Microsoft Azure tenants and cloud-managed devices.
- Experience in security architecture, including the design, implementation, support, and evaluation of security-focused tools and services.
- Experience using threat modeling or other risk identification techniques.
- Experience in customer-centric/retail IT is preferred.
Travel Requirements: