Tech Security Specialist

What do we need:

A security professional to join our Security Operations Center (SOC) as an analyst to help detect and respond to threats to the organization.

What’s special about this team:

Amway is the world’s No. 1 direct selling business, according to the Direct Selling News Global 100. Established in 1959, with sales of $8.4 billion, Amway operates in more than 100 countries and territories. We manufacture and distribute 450+ consumer products that support health and well-being. More than 19,000 employees worldwide support millions of Amway Business Owners who sell Amway products.

The Information Security and Risk team has about 60 team members located around the globe, and you would be among our Security Engineering and Operations team.  Our main goal for the team is protecting information for our customers and employees.

What’s special about this role:

Within our Security Engineering and Operations function we focus on helping our customers design, implement and operate effective access controls that protect against threats & supports business objectives. As Amway moves toward a digital business model, more data is generated and shared among organizations, partners, and customers.

You’ll play an integral role in helping Amway ensure we are protected by detecting threats and assisting in protecting the organization’s IT Infrastructure and applications globally.

In joining, you’ll be a part of a collaborative team that values technical and business acumen and provides training and development to extend and develop you as a professional.  You will help contribute to the overall SOC.

The role will include primary responsibility for:

• Primarily focus on Endpoint Detection and Response or EDR (e.g., Palo Alto Cortex XDR)
• Threat and vulnerability analysis
• Investigate, document, and report any information security issues as well as emerging trends
• Actively participate in Incident Response (IR) procedures/processes
• Leverage Amway’s SIEM (e.g., Splunk Enterprise Security) to monitor and detect notable events
• Identify processes and playbooks that can be automated in our SOAR platform (e.g., Splunk Phantom)
• Able to identify indicators of compromise (IOCs)
• Create & update SOC documentation for processes and procedures for common scenarios
• Familiarity with User and Entity Behavior Analytics and how they can be used to detect threats
• Some security tool administration, configuration, and tuning
• Familiar with network security and how to detect threats as well as defend against them

Required qualifications:

• Minimum 3-5 years Information Security experience
• Attention to detail
• Good customer service orientation
• Ability to communicate effectively across different levels of the organization (verbal and written) and able to work in a team environment
• BA/BS degree in Computer Science, Information Technology, or a related field desired

Skills to be successful in the role:

• Experience working with engineering and non-engineering teams and other cross-functional stakeholders spanning all organizational levels
• Familiar with Windows and Linux operating systems
• Using data to illustrate risks
• Strong communications and documentation skills
• Basic understanding of network security, IAM security, and endpoint security
• Familiar with Agile Methodologies