Barnes & Noble Job - 30825738 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: Barnes & Noble
Location: Westbury, NY
Career Level: Associate
Industries: Retail, Wholesale, Apparel


The IT Security Analyst is responsible for maintaining the confidentiality, integrity, and availability of data and systems related to the corporate and e-commerce infrastructures. You possess the ability to perform risk assessments and audits, analyze and respond to security incidents, design and implement solutions improving security posture, and conduct penetration testing where required. You will serve as an SME to interface with business administrators as well as IT professionals in communicating security flaws in systems and solutions, recommending changes that will improve security, and creating documentation with regards to security policy and incidents.

Essential Functions

• Bachelor's degree in Computer Science, Information Systems, or equivalent preferred
• Certification(s) from organizations such as GIAC, ISC(2), ISACA, CompTIA a plus
• 3-5 years of experience in network/data security
• Hands-on experience with endpoint and network security technologies such as malware analysis, firewalls,IDS/IPS, web and email content filtering, vulnerability management, and SIEM
• Expert knowledge of Application Security and testing
• Extensive knowledge of compliance areas such as PCI and SOX
• Knowledge of security frameworks such as ISO 27002
• Knowledge of BCP and DR processes and procedures
• Ability to handle multiple projects and problems in a fast-paced environment
• Strong customer service attitude and perspective
• Willingness to travel between NY offices when required
• Strong written and oral communication skills


• Serve as SME for security design and solutions
• Lead the web application security efforts for the e-commerce site and related environments
• Test for weaknesses and take up remediation efforts with other teams for public facing assets.
• Assist in PCI and SOX assessment and compliance projects
• Review, analyze, respond to, and report on security violations/alerts
• Perform data classification and risk assessment
• Configure, support, evaluate, and recommend security tools
• Articulate security best practices to other IT groups as well as end users
• Participate in a 24x7 Incident Response Team
• Research the latest information technology (IT) security trends, attack vectors, and methodologies

 Apply on company website