At Levi Strauss & Co, we are revolutionizing the apparel business and redefining the way denim is made. We are taking one of the world's most iconic brands into the next century: from creating machine learning-powered denim finishes to using block-chain for our factory workers' wellbeing, to building algorithms to better meet the needs of our consumers and optimize our supply chain.
A strong moral compass, high integrity, and positive attitude are required to be a successful part of this team. Critical thinking is a major part of this role and you will be expected to articulate your thought process on a regular basis. Confidence in your ability to quickly learn from and adapt to unfamiliar scenarios will be paramount to our success. You will be part of several highly collaborative multi-national cross-functional teams which will push your interpersonal skills.
As a member of the Cybersecurity Incident Response Team, work outside of scheduled shift hours is expected and will be required. You will be expected to provide expert input and execute highly complex tasks during stressful situations.
You will need to maintain a strong knowledge of current security threats, techniques, attack types, as well as a dedicated and self-driven desire to research the current information security landscape. You will be expected to relentlessly seek to improve your knowledge and situational awareness of LS&Co. global business operations.
Demonstrate excellent communication skills, analytical abilities, sound judgment, and possess the ability to work effectively with internal team members, including IT staff, management and partners.
You will also play a role in the LS&Co. Global Security Awareness Program, as educating our workforce and partners is large part of our cyber defense strategy. This can include supporting awareness content creation, maintenance, reporting, and providing insights for improving our curriculum.
Most notable is the expectation of personal growth and embracing the well-known, "other duties as assigned." We run a lean team here at LS&Co., which will give you a greater opportunity for exposure to a breadth of technologies and challenges you simply cannot encounter elsewhere.
To thrive in this role, you have
2 to 4 years of experience with strong knowledge of email security threats and security controls, including practical experience analyzing email headers
Ability to analyze and correlate incident data found in SIEM technology to develop a preliminary root cause and corresponding remediation strategy
Practical knowledge of Linux/Unix and Microsoft Security Logging Policies
Practical knowledge of Linux/Unix and Windows Operating System CLI and file system structure
Practical knowledge of the OSI Model
Practical knowledge of Network Application logs especially Proxies, IDS/IPS, VPN, and Stateful Firewalls
Practical knowledge of Endpoint security events from technologies like Anti-Virus, EDR
Understanding of Tactics, Techniques and Procedures (TTPs) used by threat actors.
Good understanding of the industry models such as the Cyber Kill Chain, Diamond Model and MITRE ATTCK framework.
Possess a security and analytical mindset, where the goal of triage and investigation is to determine why something occurred and whether it was expected in the environment.
Understanding of the incident response lifecycle at both technical and procedural level.
Ability to document the triaging methods followed to investigate a security event.
General understanding of Sandbox analysis
Ability to document and brief Incident Response Tasks taken by internal teams and external partners.
Collaborative Skills:
Actively participate in our goal to continuously improve the way we work; identify improvement areas on our technology, process and techniques to enhance our detection and response capabilities
Collaborate with the Security Engineering Team in identifying use cases that leverage existing tools to enable automation and improve detection.
Practical knowledge and demonstrated experience with incident response tools, techniques and processes for effective threat containment, mitigation and remediation.
A security certification is welcomed, but not necessary or a requirement. In some instances, candidates are encouraged to work towards certifications while employed at LS&Co.