The Sr Analyst, ECR Security Engineering and Operations is responsible for secure engineering and operations of Estee Lauder's technology infrastructure. This will encompass building rules, engineering and deploying security solutions across the ELC ecosystem of technology, deploying data encryption and tokenization tools, and/or other security controls.
This position will directly contribute to the overall security posture of ELC. This role will also provide security solutions around cloud-based applications, Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS). With the move to the cloud comes an extension of the ELC network. This role is also responsible for best-in-class engineering capabilities for security, including engineer and operating technical controls. Must have begun a track record demonstrating the ability to produce effective, innovative security solutions at an enterprise scale. Will be responsible for constantly evaluating the evolving security industry to be on top of the latest innovations in secuirty and technology, and providing feedback on next generation capabilities for the Head of Security Engineering.
•Develops and executes tools and techniques to increase Security capabilities across the enterprise •In conjunction with the Head of Security Architecture, develops and deploys next generation protections for ELC ecosystem •Conducts network security “run” configurations (whether done in house, by IAAS provider, or third party provider), and ensures security engineering, operations and monitoring is consistently and effectively conducted •Implements new cloud security technologies and processes to mature cloud security controls. •Deploys and manages security tooling for public (Azure, AWS, GCP) and hybrid clouds •Champions a DevSecOps security model so that security is automated and elastic across all platforms •Works with Engineering, Infrastructure Services, and Application Development organizations to deploy selected technology solutions and facilitates complete integration into the application environments •Assists with implementation of IDaaS rollout to selected corporate SaaS applications and partners with the Head of Digital Identity to extend IAM capabilities to those applications •Deploys CASB to enforce several different security controls, including access control, encryption, and device profiling •Enables Cybersecurity Threat Management Center (CTMC) monitoring of security on systems deployed in the cloud •Keep informed of new and emerging security threats, security frameworks and regulations •Deploya orchestration and automation with a focus on security with tools such as Jenkins, Spinnaker, Puppet, Chef, Terraform, Azure DevOps etc. •Continually improves the posture of ELC security through innovative methods and usages of existing tools combined with new ways of working, automation, AI, analytics, etc.
•A minimum of 3+ years of experience with a mix of Security, Infrastructure, Network and Cloud and endpoint protection experience, preferably with engineering background •Experience of enterprise security solutions and best practice controls for infrastructure, endpoints, cloud and network, and including logging and application architectures •Strong technical security skills in multiple areas to include two or more of: application security, data security, network security, infrastructure security, cloud security, cryptography, logging and monitoring, mobile security, endpoint security •Strong knowledge of cloud security, public cloud, hybrid cloud, private cloud, IaaS, SaaS, PaaS environments preferred, Including experience with one or more cloud technologies: Microsoft Azure, and AWS. Knowledge of Google Cloud Platform and Microsoft Office 365 is a plus •Proficiency with scripting (Power shell for Azure and working with the AWS Command-line)preferred •Sound knowledge of enterprise security concepts/frameworks and products, secure design principles and patterns •Ability to visualize, articulate and solve complex technical problems •Demonstrated Experience in at least one area of security engineering (e.g. building rules for Splunk)
Job: Information Technology
Primary Location: Americas-US-NY-Long Island City
Job Type: Standard
Shift: 1st (Day) Shift
Job Number: 1923146
We are an equal opportunity employer. Minorities, women, veterans, and individuals with disabilities are encouraged to apply. It is Company's policy not to discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. The Company will endeavor to provide a reasonable accommodation consistent with the law to otherwise qualified employees and prospective employees with a disability and to employees and prospective employees with needs related to their religious observance or practices. Should you wish to apply for this position or any other position with the Company and you believe you require assistance to complete an application or participate in an interview, please contact USApplicantAccommodations@Estee.com.
Apply on company website