Sr. Cybersecurity Analyst 2 - Intel and IR (Remote)

Publix Super Markets, Inc. is the largest privately-owned food retailer in the nation with more than 1,200 stores and more than 200,000 associates throughout the Southeast. We are associate-owned, proud of our family atmosphere, and consistently named as one of the best companies to work for in America. We are largely debt-free and renowned for our financial performance as well as our premier customer service. Publix?s Information Services (I/S) department is located in Lakeland, Florida and Alpharetta, Georgia and employs over 1000 associates. I/S provides the information technology required for all Publix business units including retail stores and all office and warehouse environments. The Publix I/S mission is to maximize the value of information technology to Publix associates and customers. Publix can offer virtual employment for this position in the following states: FL, GA, AL, TN, SC, NC, VA, KY.

Welcome to Publix Technology, the award-winning technical group for Publix Super Markets, Inc., the largest employee-owned company in the nation. Our technology teams of 2100+ associates provide cutting-edge, modern solutions to nearly 1400 retail stores and 200,000+ internal team members across 8 states. We offer positions at all levels - summer internships, individual contributor roles, to technical leadership across a broad range of technical disciplines. So, whether you are interested in IT security, platform engineering, architecture, software development, or infrastructure - we have a career path for you! Pub Subs are not the only thing we build from scratch. See for yourself why Publix Super Markets, Inc. has been on Fortune's 100 Best Companies to Work For list.

The Sr Cybersecurity Analyst 2 performs complex analysis, development, and implementation activities across several cybersecurity disciplines including alert investigations, incident response, forensic and malware analysis, and threat intelligence. This position identifies security risks and threats and develops and implements solutions to reduce risk. Under less specific guidance, this position is responsible for protecting Publix systems, networks, and data from unauthorized use or disclosure and ensuring that Publix meets all applicable legal, contractual, and regulatory requirements related to cyber security.

Responsibilities:

• Develop and execute complex incident response playbooks and procedures,
• Develop advanced, scalable, and durable detections for various threat scenarios,
• Develop and execute advanced forensic analysis procedures,
• Research and stay current on the threats and adversaries to the organization,
• Perform hypothesis-driven threat hunts on the Publix Enterprise Network,
• Perform malware analysis to support incident response,
• Develop automation scripts and playbooks to improve incident response time.

• Must have a bachelor?s degree in management information systems, Computer Science, Business, or equivalent experience.
• 4+ years of experience in one or more of the following areas: Security Operations, Incident Response, Forensic Analysis, Penetration Testing, Network Security, and Platform Security,
• 2+ years of knowledge of triaging incidents using endpoint detection and response (EDR) tools, intrusion protection systems (IPS), Wireshark, web application firewall (WAF), cloud security monitoring and detection tools, forensic acquisition, and analysis tools such as KAPE and volatility in an enterprise setting,

• 6+ years of strong experience triaging incidents using endpoint detection and response (EDR) tools, intrusion protection systems (IPS), Wireshark, web application firewall (WAF), cloud security monitoring and detection tools, forensic acquisition, and analysis tools such as KAPE and volatility in an enterprise setting,
• Advanced data analysis skills with a SIEM query language like Splunk SPL or Kusto Query Language (KQL),
• strong knowledge of offensive tradecraft and adversary capabilities,
• automation and scripting skills using PowerShell, Python, bash, or other language.
• automation and scripting skills using PowerShell, Python, bash or other,
• One or more of the following certifications:
  • GIAC Enterprise Incident Responder (GEIR),
  • GIAC Certified Intrusion Analyst (GCIA),
  • GIAC Network Forensic Analyst (GNFA),
  • GIAC Certified Forensic Analyst (GCFA),
  • GIAC Defending Advanced Threats (GDAT),
  • Palo Alto Networks Certified Network Security Engineer (PCNSE)

• Employee stock ownership plan that contributes Publix stock to associates each year at no cost
• An opportunity to purchase additional shares of our privately-held stock
• 401(k) retirement savings plan
• Group health, dental and vision plans
• Paid Time Off
• Paid Parental Leave
• Short- and long-term disability insurance
• Tuition reimbursement
• Free hot lunches (buffet-style) at facilities with a cafeteria
• Visit our website to see all of our benefits: