Enable America Jobs

At SpartanNash, we deliver the ingredients for a better life through customer-focused innovation. We do this for our supply chain customers and U.S. military commissaries, retail store guests and, most importantly, our Associates. In fact, we see a day when each will say, “I can’t live without them.”

Our SpartanNash family of Associates is 17,000 strong, ranging from bakery managers to order selectors; from IT developers to vice presidents of finance; from HR Business Partners to export specialists. Each of them plays an integral role in SpartanNash’s People First culture, Operational Excellence and Insights that Drive Solutions. Ready to contribute to the success of our food solutions company? Apply now!

Location:

850 76th Street S.W. - Byron Center, Michigan 49315

Job Description:

Position Summary:

The Security Operations Analyst III is primarily responsible for activities relating to monitoring and responding to security events. The Security Operations Analyst III receives, researches, triages, and documents all security events and alerts as they are received. This individual supports multiple security-related platforms, vulnerability management, projects, and technologies. Interfacing with others within the IT organization, as well as other internal business units and external customers/partners. Events will be generated from endpoints, networks, security information and event management (SIEM) systems, threat intelligence platforms, employees, third parties, and other sources. The Security Operations Analyst III is expected to hunt for potential threats and compromises across the infrastructure.

The Security Operations Analyst III reports to the SOC manager and is an involved member of the SOC team. This role must display an in-depth understanding of trends and technologies related to IT security and compliance and contribute to the company IT security strategy and roadmap.

Here's what you'll do:

• As an active member of the team, monitor and process response for security events on a 24x7 basis.

• Must Follow standard operating procedures for detecting, identifying, responding, and reporting incidents.

• Vulnerability management.

• Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).

• Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.

• Leverage automation and orchestration solutions to automate repetitive tasks.

• Assist and/or lead incident response as events are escalated, including triage, remediation, and documentation.

• Assist and/or lead in threat and vulnerability research across event data collected by systems.

• Investigate and document events to assist and/or lead incident responders, managers and other SOC team members on security issues and the emergence of new threats.

• Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.

• Share information as directed with other team members.

• Seek opportunities to drive efficiencies.

• Manage security event investigations, partnering with other departments (e.g., IT) as needed.

• Evaluate SOC policies and procedures and recommend updates to leadership as appropriate.

• Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.

• Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.

• Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security, and data networking, to offer global solutions for a complex heterogeneous environment.

• Maintain working knowledge of advanced threat detection as the industry evolves.

• Perform other duties as assigned.

Here's what you'll need:

• Bachelor’s degree in Cybersecurity or related and/or relative work experience.

• Experience working in a 24x7 operational environment, with geographic disparity preferred.

• Experience driving measurable improvement in monitoring and response capabilities at scale.

• Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.

• Knowledge of a variety of Internet protocols.

• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

• Working knowledge/experience with network systems, security principles, applications and risk and compliance initiatives such as Payment Card Industry (PCI), Health Information Portability and Accountability Ace (HIPAA), Sarbanes-Oxley Act (SOX) and the General Data Protection Regulation (GDPR).

• Demonstrates highly effective communications skills, with ability to influence business units.

• Has an analytical and problem-solving mindset.

• Is highly organized and efficient.

• Leverages strategic and tactical thinking.

• Works calmly under pressure and with tight deadlines.

• Demonstrates effective decision-making skills.

• Is highly trustworthy; leads by example.

Certifications:

• CISSP a plus

• GCIH or GCIA, GPEN

• CEH

As part of our People First culture, SpartanNash is proud to offer a robust and competitive Total Rewards benefits package (https://careers.spartannash.com/why-work-here/benefits/) .

SpartanNash is an Equal Opportunity Employer, including disability and veteran, that celebrates diversity and believes employing a diverse workforce is key to our success. We are committed to providing equal employment opportunities to all individuals.

We are not able to sponsor work visas for this position.

SpartanNash (Nasdaq: SPTN) is a food solutions company that delivers the ingredients for a better life. Committed to fostering a People First culture, the SpartanNash family of Associates is approximately 17,000 strong. SpartanNash operates two complementary business segments – food wholesale and grocery retail. Its global supply chain network serves wholesale customers that include independent and chain grocers, national retail brands, e-commerce platforms, and U.S. military commissaries and exchanges. The Company distributes products for every aisle in the grocery store, from fresh produce to household goods to its OwnBrands, which include the Our Family® portfolio of products. On the retail side, SpartanNash operates 144 brick-and-mortar grocery stores, primarily under the banners of Family Fare, Martin’s Super Markets and D&W Fresh Market, in addition to dozens of pharmacies and fuel centers. Leveraging insights and solutions across its segments, SpartanNash offers a full suite of support services for independent grocers. For more information, visit spartannash.com .