Associate Information Security Analyst

About the position

Comfort starts with our 10,000+ team members across the globe, who are transforming the power of comfort every day. Our employees have the power to change lives, in our homes, work, and communities. We foster an inclusive environment while honoring a legacy built on family, where everyone can be themselves. If you are ready to join an industry-leading organization where our people are the most important asset, and innovation propels us into the future, you're ready to take your seat at La-Z-Boy Incorporated. WE BELIEVE IN THE TRANSFORMATIONAL POWER OF COMFORT. As an Associate Information Security Analyst, you will work closely with IT leaders and employees to identify and establish remediation plans for vulnerabilities in La-Z-Boy owned or managed information systems. This is accomplished by using security tools to monitor devices within the organization, ensuring that appropriate patches have been installed or that exceptions have been documented. You will be a key member of the Security Team, Incident Response Team, and Disaster Recovery Team. In this role, you will be responsible for the initial review of information security alerts, providing analysis, determining and tracking remediation, and escalating as appropriate. You will conduct reviews and triage utilizing your experience with endpoint detection and response tools. Operating the Security Incident and Event Management (SIEM) and other data analysis platforms will be part of your responsibilities, with assistance and oversight from other members of the security team. You will also prepare and update operational metrics on various dashboards and reporting tools, ensuring that stakeholders have appropriate situational awareness of the security posture. Monitoring various threat intelligence sources will be essential to maintain situational awareness of current and evolving threats. You will use your knowledge of La-Z-Boy information systems and threats to inform the threat surface of the systems. Additionally, you will conduct security testing and assessments supporting the change management and system development life cycle processes, using tools to perform penetration and application testing in accordance with defined parameters. You will apply INFOSEC best practices and principles to assess network protocols, architectures, equipment, services, standards, and technology security posture. There may also be opportunities to provide support and participate in IT investigations.