Senior Security Analyst

We’re seeking a Senior Security Analyst to play a key role in protecting Longo’s systems, data, and customers. You’ll combine hands‑on technical expertise with leadership in compliance, governance, and security operations, all in a collaborative, fast‑paced team environment.

• Threat Detection and Response: Oversee monitoring and investigation of security alerts from SIEM, EDR, and WAF; act as escalation lead for high‑severity incidents.
• Incident Management and On‑Call Support: Serve as escalation point during critical incidents; support after‑hours response for priority IT security events; document incidents with root cause analysis.
• Security Tool Integration and Operations: Lead deployment, configuration, and optimization of security technologies including PAM, SIEM, EDR, and micro‑segmentation solutions.
• Vulnerability and Patch Management: Oversee vulnerability scanning, analyze results, and coordinate remediation efforts.
• PCI‑DSS Compliance Operations: Act as primary coordinator for all PCI‑DSS compliance activities, including evidence collection, control validation, and audit readiness.
• Governance, Risk, and Policy Management: Own and maintain GRC tooling, procedures, and associated documentation; draft, update, and enforce IT Security policies and SOPs.
• Third‑Party Risk and Security Assessments: Conduct and coordinate third‑party vendor security assessments and track findings.
• Security Awareness and
  
  Education:
  
  Support monthly phishing simulations and awareness campaigns; track user awareness metrics.
• Reporting and Leadership Support: Prepare detailed security reports and provide regular updates to Senior Manager Cybersecurity.
• Mentorship and Knowledge Sharing: Mentor junior analysts and promote a culture of continuous improvement within the Cybersecurity team.

• 4–7 years in cybersecurity or technical security‑related roles.
• Advanced knowledge of Cybersecurity frameworks, Windows, Active Directory, and Cloud security controls.
• Hands‑on experience with SIEM, EDR, PAM, WAF, vulnerability management, and other security solutions.
• Strong working knowledge of PCI‑DSS controls and evidence management.
• Familiarity with NIST CSF 2.0, CIS Controls, ISO 27001.
• Excellent collaboration, communication, and documentation skills.
• Undergraduate or College Degree in IT, Computer Science, Engineering, or Cybersecurity (or equivalent experience).
• Certifications:
  
  Security+, CISSP, or CISA preferred; PCIP and cloud security certifications are an asset.

• Hybrid (remote and on‑site)
• On‑call responsibilities on a rotating schedule.

• Seniority level:
  Mid‑Senior level
• Employment type:
  
  Full‑time
• Job function:
  Information Technology
• Industries:
  Retail

Longo’s is committed to providing accommodations for people with disabilities throughout the recruitment process and, upon request, will work with qualified job applicants to provide suitable accommodation in a manner that takes into account the applicant’s accessibility needs due to disability.

If you require accommodation, please contact the Human Resources Coordinator at: