Information Technology

Senior Information Security Analyst

3438 Peachtree Road NE, Suite 1800, Atlanta GA 30326, United States

Serving the needs of all families with young children, Carter’s Inc. is the largest North American apparel retailer exclusively for babies and young children, encompassing Carter’s, OshKosh B’gosh, Skip*Hop and Little Planet brands. Meaningful work, constant learning, genuine people, and a community guided by core values that promote inclusion and innovation is in everything we do. There are many reasons to build your career at Carter's.

How you’ll make an impact:

The Senior Security is a member of the IT Security team reporting to the Sr. Manager, IT Security. The Senior Information Security Analyst is primarily focused on leading complex investigations, driving departmental improvement efforts on monitoring, detecting, administration, or responding to security events and threats across the organization.  Working under general supervision, this role exercises considerable independent judgment and takes ownership of advanced cyber security activities.  The Senior Information Security Analyst is a key technical contributor and a bridge between operational execution and strategic security initiatives.   This position could also serve as a foundation for building deeper expertise in various other security domains. 

Key Responsibilities

Depending on the needs of the department, the duties of this role could include:  

Security monitoring & day-to-day operations (30%)

  • Day-to-day information security analysis across events, alerts, and threats
  • Supporting the security manager with vulnerability, alert, and incident oversight
  • Staying current on the threat landscape and zero-day vulnerabilities
  • Translating threat intelligence into actionable detection and defense improvements
  • Reporting, Metrics and dashboarding

Vulnerability & risk management (20%)

  • Leading threat & vulnerability management (TVM) activities
  • Risk prioritization, remediation tracking, and stakeholder reporting
  • Representing the security team in audits and regulatory compliance activities
  • Contributing to security policy, standards, and procedure development

Incident response & digital forensics (15%)

  • Leading investigation and response to high-severity and complex security incidents
  • Driving containment through post-incident review and lessons learned
  • Performing digital forensic investigations on endpoints, servers, and cloud environments
  • Conducting static and dynamic malware analysis to understand attacker TTPs

Threat detection & hunting (15%)

  • Proactive threat hunting using behavioral analytics and hypothesis-driven methodologies
  • Developing and maintaining threat models for critical business systems and data assets
  • Mentoring and coaching junior analysts on threat analysis and detection techniques

Security engineering & architecture (20%)

  • Collaborating with IT, DevOps, and business teams to integrate security into system design
  • Evaluating and recommending new security technologies, tools, and vendors
  • Participating in proof-of-concept testing for new security solutions

We’d Love to hear from you if: (Requirements section)

Must have:

  • At least a bachelor’s degree in computer science or related field
  • 2+ years of IT, email and cloud security, IT networking and/or network security experience
  • Experience working with SIEM, EDR, and/or IAM tools
  • Ability to meet deadlines and work with management across various disciplines
  • Proficiency with log analysis at scale and big data security analytics.
  • Ability to perform on-call duties during off-hours and holidays
  • An adaptable and flexible attitude towards changing business needs

Preferred skills and experience:

  • Knowledge of application security concepts and secure SDLC practices.
  • Experience with red team or penetration testing activities.
  • Exposure to regulatory compliance frameworks (PCI DSS, HIPAA, SOC 2, GDPR).
  • Experience in a cloud-native or hybrid-cloud enterprise environment.
  • Security +, ISC2 CC, CompTIA A+, CompTIA Network +, SSCP or CCT certifications

Carters is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, veteran status, or any other status protected by federal, state, or local law.

Apply
Arrow left icon