[Hiring] Cybersecurity Analyst @L.L.Bean

Role Description

Contributes to the Information Security and Compliance team's Response and Run activities. Responsible for the execution, support, and stewardship of cybersecurity incident response, alert and vulnerability monitoring, and program initiative execution. Works closely with the GRC Risk Team to report and monitor cybersecurity risk.

• Monitor, operate, and maintain information security and compliance program infrastructure according to department strategy and business requirements.
• Collaborate with business leaders, architects, engineers, and application development teams to implement scalable, sustainable, and measurable IT solutions.
• Collaborate with technical leads, architects, and analysts on evaluating new tools and solutions for security components, compliance, and functionality.
• Support the Risk team through security-related risk consultation and threat analysis.
• Provide technical leadership for cybersecurity tools.
• Collaborate with internal clients in support of technology requirements.
• Participate in 24x7 on-call rotation for alerts and Incident Response for all technical, security related events.
• Participate in capacity planning and hardware/software budget planning.
• Participate and act as an IT leader during Incident Response Plan (IRP) review, testing, and execution.
• Assist other analysts and engineers to utilize security tools and execute processes and procedures effectively.
• Act as an information security and compliance consultant to enterprise projects as a subject matter expert.
• Drive and employ standards within the context of job responsibilities.
• Understand and apply change management procedures/principles.
• Provide management with status reports and participate in program reporting.
• Produce documentation for service portfolio.
• Operationalize initiatives from engineering and ensure timely delivery, measured execution, process documentation, and continual improvement.
• Other duties as assigned.

Qualifications

• 4-Year Bachelor's Degree in Computer Science, Cybersecurity, or a related field; or equivalent hands-on SOC / Incident Response experience.
• 3-5+ years in Cybersecurity.
• English Level: C1 (Advanced).

Requirements

• Ability to operate effectively in a fast‑paced, high‑pressure Security Operations environment, including handling multiple concurrent security incidents.
• Prior experience in a SOC and/or Incident Response role, including triage, investigation, containment, eradication, and recovery activities.
• Strong working knowledge of enterprise security technologies such as SIEM, SOAR, EDR/XDR, IDS/IPS, email security, and vulnerability management tools.
• Demonstrated experience analyzing and responding to security alerts across endpoints, networks, cloud, and applications.
• Strong analytical and problem-determination skills for investigating complex security incidents in large enterprise environments.
• Experience performing incident documentation, root cause analysis, and post-incident reporting including lessons learned and improvement recommendations.
• Ability to participate in a 24x7 on-call rotation and respond to high-severity security incidents outside normal business hours when required.
• Proven ability to write clear, concise, and accurate technical and executive-level incident reports, timelines, and metrics.
• Excellent written and verbal communication skills, with the ability to clearly explain technical findings to both technical teams and non-technical stakeholders.
• Strong team skills including collaborative problem solving, coordination during live incidents, and effective communication under pressure.
• Hands-on experience with:
  • Networking fundamentals (TCP/IP, DNS, HTTP/S, VPNs)
  • Windows and *NIX operating systems
  • Virtualized and cloud environments
  • Application and Internet-facing security threats
  • Scripting and automation experience is a plus, including Python, PowerShell, Bash, or similar languages, especially for investigation, enrichment, or response workflows.
• Security certifications are a plus, such as GCIH, GCED, GCIA, CISSP, CISA, CISM, or equivalent IR-focused credentials.

Benefits

• Extraordinary employee experience
• Flexible schedule
• Work from home up to 5 days a week
• Fitness subsidy
• Education subsidy
• 3 paid days to enjoy outdoor activities
• 5 Personal/sick days
• L.L.Bean employee discount
• Asociación solidarista
• Life and medical insurance
• Company doctor