Lead Security Incident Response Analyst

With a $1 billion investment in cutting-edge technology over the next 3 years, continuous innovation, coupled with best-in-class information security technologies that protect the millions of families we call customers, is at the heart of everything we do.

Join our Cyber Security team and see what it's like to work for the most engaging retailer in the world. We offer flexible schedules (including work from home opportunities), clear career paths, autonomy, and opportunities to work with the newest technologies including Cloud Security Tools.

What Will You Be Doing?

As a Senior Security Analyst, you will lead our Information Security Incident Handling team, which is responsible for analyzing cybersecurity events and digging into any incident activities.

We will look to you to influence our long-term roadmap and continue to build our top-notch team of incident handling engineers.

More on the Day to Day:

  • Monitor and respond to global security events utilizing state-of-the-art security tools and managed services.
  • Follow established incident response procedures to ensure proper escalation, analysis and resolution of security incidents.
  • Analyze and correlate incident data to develop a preliminary root cause and corresponding remediation strategy.
  • Ensure timely response to incidents in order to minimize risk exposure and production downtime.
  • Advise junior team members on the technical steps to take to investigate and resolve cybersecurity incidents.
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
  • Prepare incident reports for mixed technical and non-technical audiences.
  • Initiate automation as necessary to effectively manage system logs and security alert reporting.
  • Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.
  • Complete projects and tasks on an as-needed basis.

What We're Looking For:
  • Analytical and problem-solving skills related to networking, operating systems, and malware analysis.
  • Deep technical experience in incident response and phishing attack analytics.
  • In-depth knowledge of privilege escalation, persistence and lateral movement techniques.
  • Technical knowledge and experience in operating system security and security best practices.
  • Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defense-in-depth and common security elements.
  • Demonstrated interest in computer security, incident response, or computer forensics.
  • Experience with network monitoring tools to monitor attacks/threats.
  • Strong critical thinking and analytical problem-solving skills.
  • Experience in securing large enterprise networks.
  • Excellent written and verbal communication skills.
  • Experience working with a high degree of autonomy and managing own workload.
  • Bachelor's Degree in MIS, Computer Science or related field (preferred)
  • CISSP or other relevant security certifications (preferred)


Meet Some of Kohl’s Employees

Ragnar L.

Senior Data Scientist

Ragnar collects and analyzes industry data in order to build tools and applications that make better shopping experiences for Kohl’s online and in-store customer base.

Sunil K.

Staff Architect

Sunil works with teams across the organization to determine and implement processes that will help associates operate more efficiently, both for themselves and for company customers.

