About Core & Main
Based in St. Louis, Core & Main is a leading distributor of water, sewer, storm drain and fire protection products in the United States. Operating approximately 320 branches nationwide, the company combines local expertise with a national supply chain to provide contractors and municipalities innovative solutions for new construction and aging infrastructure. Core & Main’s 4,500 plus associates are committed to the safe distribution of water and fire protection to help communities thrive. Visit www.coreandmain.com to learn more.
Overview
We are seeking a vigilant and proactive Information Security Analyst to join our team in safeguarding our organization's digital assets. You will play a critical role in monitoring, investigating, and responding to security alerts and incidents across various security platforms. Your dedication to protecting sensitive information will contribute to maintaining a secure and resilient IT environment.
Responsibilities
- Threat Detection and Response:
- Proactively monitor multiple security platforms to identify potential threats, vulnerabilities, and suspicious activities.
- Investigate security alerts and incidents thoroughly to determine their severity and scope.
- Conduct comprehensive investigations into potential phishing attacks, malware infections, unauthorized access attempts, and other security breaches.
- Implement appropriate containment and remediation measures to mitigate risks and minimize the impact of incidents.
- Prepare detailed incident reports, including root cause analysis and recommendations for prevention.
- Security Operations:
- Manage security alerts and tickets within a ticketing system, ensuring timely resolution and effective communication with stakeholders.
- Review and analyze security logs to identify trends, patterns, and potential anomalies.
- Collaborate with IT and security teams to implement security controls, policies, and procedures.
- Contribute to the development and improvement of security processes and playbooks.
- Risk Management:
- Evaluate and assess risks associated with new technologies, applications, and services.
- Conduct vulnerability assessments and penetration testing to identify and address security weaknesses.
- Stay abreast of emerging threats and vulnerabilities, keeping security tools and systems updated.
- Awareness and Compliance:
- Conduct regular security awareness training for employees, promoting best practices and cyber hygiene.
- Assist in developing and delivering security awareness campaigns.
- Conduct phishing simulations to assess employee susceptibility and reinforce awareness.
- Support compliance with industry standards, regulations (e.g., PCI DSS, HIPAA, GDPR), and company security policies.
Requirements
- Bachelor's degree in Information Technology, Cybersecurity, or a related field, or equivalent experience.
- 1-3 years of experience in a security operations center (SOC) or similar role.
- Strong understanding of security principles, technologies, and best practices.
- Experience with security tools such as endpoint detection and response (EDR), intrusion detection systems (IDS), firewalls, and vulnerability scanners.
- Excellent analytical and problem-solving skills.
- Strong attention to detail and ability to handle multiple tasks effectively.
- Excellent communication and interpersonal skills, both written and verbal.
- Ability to work independently and as part of a team.
- Adaptability to a fast-paced and dynamic environment.
Join us to make a difference in protecting our organization's security posture!
Preferred Qualifications
- Experience with cloud security platforms (e.g., AWS, Azure, GCP).
- Knowledge of network security and incident response methodologies.
- Certifications such as Security+, CEH, or CI