Job Title:  Staff CyberSecurity Analyst

What You Need To Know

Shape a remarkable future with us. Build a career working for an industry leader that truly invests in their people – and equips them with leading technology, continuous learning, and the ability to bring their best selves to work. As the premier wine and spirits distributor, Southern Glazer’s isn't just one of Forbes’ Top Private Companies; it's a family-owned business with deep roots dating back to 1933.

The reputation of Southern Glazer’s is well-established, and it's no surprise that we are regularly recognized for our culture. Southern Glazer’s has been recognized by Newsweek as one of America’s Greatest Workplaces for Inclusion and Diversity, as well as for Women and Parents and Families. These accolades speak volumes about our commitment to creating a supportive and inclusive culture of belonging for all employees.

As a full-time employee, you can choose from a wide-ranging menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition assistance, a wellness program, parental leave, vacation accrual, paid sick leave, and more.

By joining Southern Glazer’s, you would be part of a team that values excellence, innovation, and community. This is more than just a job – it's an opportunity to build the future of beverage distribution and grow with a company that truly cares about its people.

Overview

The Staff Cybersecurity Analyst plays a pivotal role in safeguarding the organization's sensitive information by leveraging advanced security tools and methodologies. This position involves conducting comprehensive system and network assessments to identify and address policy deviations and investigating sophisticated security events to mitigate threats. The Staff Cybersecurity Analyst is responsible for developing and implementing robust security integrations, managing complex operations, and maintaining system security. This role leads penetration testing efforts, performs in-depth vulnerability testing, and conducts thorough risk assessments. Additionally, the Staff Cybersecurity Analyst helps define penetration testing guidelines and procedures, communicates cybersecurity improvements, and provides strategic recommendations for informed risk management decisions. This position requires applying advanced concepts and practices to complete high-complexity assignments, coordinating work on multiple or cross-functional initiatives, and providing direct and indirect leadership within the team. The Staff Cybersecurity Analyst ensures SGWS’s cybersecurity posture remains robust and effective through proactive measures and strategic oversight.

Primary Responsibilities

• Participate in security assessment development and guide content review.
• Understand and practice operating procedures and supports related communication and implementation.
• Provide mentoring and strategic guidance on projects, programs, tools, systems, applications, and networks to ensure proactive identification and mitigation of security risks.
• Work with data to identify patterns related to threat analysis.
• Hypothesize & validate new threats and indicators of compromise.
• Research, analyze, and document the applicability and feasibility of Cyber technology in support of SGWS security.
• Leads in the design, development, implementation, and management of core processes.
• Guides solution options and decision making for security concerns and infractions.
• Demonstrated ability to foster cross-functional collaboration to drive shared organizational objectives, validate remediation efforts, and improve security controls.
• Perform penetration testing on applications, networks, APIs, and cloud environments in accordance with established methodologies and industry standards.
• Prepare detailed technical reports and executive summaries outlining findings, risk ratings, and remediation recommendations.
• Lead and participate in red team exercises and advanced adversary simulations as required.
• Maintain up-to-date knowledge of emerging threats, attack techniques, and security tools.
• Must be available to work nights and weekends as needed to support penetration testing windows and related security activities.

Preferred Qualifications

• Advanced penetration testing certifications, e.g., OSCP, OSEP, OSCE3, etc.
• Advanced Information Security Certifications, e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), etc.
• Extensive experience in the development and implementation of security strategies, policies, and procedures.
• Advanced knowledge of firewalls and encryption to identify potential weaknesses and implement measures.
• Strong understanding of security controls, conceptual models, and frameworks to monitor security posture and enhance security features.
• Demonstrates problem-solving skills to anticipate, identify, and define problems and root causes.
• Proven ability to manage several projects simultaneously from design to implementation, while balancing multiple stakeholder priorities.
• Ability to monitor and report status on security matters to develop security risk analysis scenarios and response procedures.
• Proficiency in advanced security tools and technologies.
• Knowledge and application of advanced threat detection and mitigation techniques.
• Experienced with cloud security solutions and best practices.
• Expertise in network security protocols and practices.

Minimum Qualifications

• 8+ years of experience in IT/network security/cybersecurity.
• Extensive experience in information risk concepts and principles, as a means of relating business needs to security controls.
• Proficiency with security frameworks (e.g., NIST, ISO, etc.).
• Proven experience in working with multiple, diverse technologies and processing environments.
• Native-level proficiency/fluent in English.

Physical Demands

• Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or adding machine
• Physical demands with activity or condition may include walking, bending, reaching, standing, squatting, and stooping
• May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs

EEO Statement

Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. SGWS complies with all federal, state and local laws concerning consideration of a qualified applicant's arrest and/or criminal conviction records. Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees. Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.