Offer summary

Qualifications:

Bachelor's degree in Information Security, Computer Science, or a related field., Strong understanding of penetration testing, configuration hardening, and vulnerability management., Excellent interpersonal and communication skills to interact with both technical and non-technical stakeholders., Knowledge of compliance program initiatives and security risk management..

Key responsibilities:

Maintain and coordinate company-wide information security policies and controls.

Conduct security audits and analyses, providing actionable solutions.

Monitor and evaluate systems to safeguard internal information and prevent unauthorized access.

Educate users on security requirements and assist in compliance with regulations.

Job description

Role Specific Information

Job Description

About the Role

As Information Security Analyst, you will detect, prevent and respond to information threats and security breaches through technical security programs designed to protect the integrity of the organization's networks, systems, applications and data.

What You’ll Do

Maintain information security policies and coordinate company-wide information security controls
Conduct information security audits and analyses and regularly drive solutions and actionable deliverables
Resolve routine security incidents and audits
Proactively monitor, evaluate and maintain systems and procedures that safeguard internal information systems, networks, databases and Web-based security
Recommend and implement changes to enhance systems security and prevent unauthorized access
Educate and communicate security requirements and procedures to users
Monitor and research new and emerging threats and stay current on information security websites
Interpret vulnerability scan data to prioritize risks
Assist in software, hardware and service evaluations, security audits, security risk assessments and the administration of compliance with regulations and privacy laws
Additional tasks may be assigned

Addendum

Governance, Risk and Compliance (GRC) Service:

Demonstrate knowledge of compliance program initiatives, including control requirements and associated risks, and how Kohl’s meets them
Document security issues, including identifying risks and working with issue owners to define and validate remediation plans
Support security awareness programs, including preparation of materials, education of associates and program performance monitoring
Support third-party vendor security risk management program and life cycle
Perform application access reviews to support identity governance program and compliance requirements
Serve as a subject matter expert for Information Security to technical/non-technical management and associates
Facilitate communication with product teams on remediation prioritization and timelines
Apply relevant industry trends to product needs
Identify mitigation strategies for remediation

What Skills You Have

Required

Ability to work independently and as part of a product team
Ability to collect data and derive risk posture
Understanding of penetration testing, configuration hardening, and vulnerability management
Knowledge of hacker tactics, techniques and procedures
Strong interpersonal and communication skills with the ability to interact with technical SMEs and business stakeholders

Preferred

Technology security experience
Data analyst skillset

Essential Functions

The requirements listed below are representative of functions you will be required to perform, however you may be required to perform additional functions. Kohl’s may revise this job description at any time. To perform this job successfully, you must be able to perform each essential function satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions, absent undue hardship.

Ability to perform the accountabilities listed in the “What You’ll Do” Section
Ability to comply with dress code requirements
Basic math and reading skills, legible handwriting, and basic computer operation
Ability to maintain prompt and regular attendance and meet scheduling requirements as set by the company
Ability to learn and comply with all company policies, procedures, standards and guidelines
Ability to give direction and to receive, understand and proactively respond to direction from leadership and other company personnel
Ability to work as part of a team and interact effectively and appropriately with others
Ability to maintain composure and work in a fast paced environment while accomplishing multiple tasks within established timeframes
Ability to satisfactorily complete company training programs
Ability to use a personal computer for tasks such as communicating, preparing reports, etc.
Ability to plan, prioritize and monitor activities across business units
Ability to complete or oversee the completion of assigned projects in a timely manner