Senior IT Security Threat & Vulnerability Analyst

Tractor Supply Company is a $6.8 billion company and the largest operator of retail farm and ranch stores in the United States. We currently have over 1,600 store locations and we are positioned to grow to over 2,500!! TSC has a great company outlook!! We are at the point in our organization where the physical is meeting the digital and the leadership recognizes and embraces this. There is a lot of support and resources surrounding our IT teams, with a focus to hire, develop, promote and retain top talent while fostering a culture of innovation, speed, high quality deliverables and knowledgeable experts. The best-of-the-best want to work here!! 

This position is responsible for designing and supporting the Company’s Threat and Vulnerability Management program. This includes analyzing threats and vulnerabilities within the Company’s network, performing penetration testing, working with application security tools, developing threat intelligence and metrics, supporting Incident Response, advancing the DLP program, and assisting in developing and maintaining the IAM program. Additional responsibilities include technical leadership, mentoring other team members, and leading projects. 

Provide high-level review of security events identified by the Security Operations Center and work with other Team Members for investigation and remediation. 

Perform penetration testing in support of projects and initiatives. 

Provides technical leadership, mentors other team members, and leads projects. 

Proactively investigate and analyze data anomalies to identify potential threats. 

Participate in 24×7 on call rotation. 

Identify areas to implement continuous monitoring of security and operational functions to support Information Security. 

Lead testing and execution of Incident Response plan with the Business. 

Compile recurring security metrics for presenting for Executive Management review. 

Calibrate with cross functional departments to identify and create action plans for infrastructure and application vulnerabilities. 

Develop and distribute regular reporting on current threats and threat intelligence. Experience: 5-9 years of enterprise experience in Information Technology. 

Education : Bachelor’s degree preferred. Any suitable combination of education and experience will be considered. 

Professional Certifications :
One or more of the following certifications preferred:
Certified Information Systems Security Professional (CISSP) 

Certified Information Systems Auditor (CISA) 

Certified Information Security Manager (CISM) 

Global Information Assurance Certification (GIAC) 

Other knowledge, skills or abilities :
Hands-on experience with security standards, controls and frameworks (PCI, SOX, NIST, Cobit, ITIL) required. 

Hands on experience with managing and monitoring firewalls, intrusion detection systems, anti-virus systems, vulnerability systems and SIEMs is required. 

Strong knowledge of incident response processes required. 

Hands experience with Vulnerability Management processes required. 

Experience with product implementation is preferred.