Senior Staff Threat Analyst

About

TJX Europe – At TJX Companies, every day brings new opportunities for growth, exploration, and achievement. You’ll be part of our vibrant team that embraces diversity, fosters collaboration, and prioritizes your development. Whether you’re working in our four global Home Offices, Distribution Centers or Retail Stores—TJ Maxx, Marshalls, Homegoods, Homesense, Sierra, Winners, and TK Maxx—you’ll find abundant opportunities to learn, thrive, and make an impact. Come join our TJX family—a Fortune 100 company and the world’s leading off‑price retailer.

Who We Are

The Cyber Incident Response (CIR) team prepares TJX to respond rapidly to critical security incidents; contain, eradicate, and recover through incident command management. This team of highly specialized subject matter experts defends the TJX environment through detail‑oriented analysis, thoroughness, partnership, and communications across all levels and teams throughout the business. Our approach to incident management aligns with NIST industry recommendations for containment, eradication, and recovery processes while also allowing the breadth and depth of analysis, forensic investigation, and stakeholder engagement. By working closely with teams across TJX, we perform technical root cause analysis across a spectrum of potential threats and assist with the remediation and restoration of business operations.

What You’ll Do

• Collaborate with cross‑functional teams to improve cybersecurity posture.
• Actively participate in responding to emerging and active threats.
• Recognizes and analyzes trends to make recommendations on optimizing processes, alerts, tools, and platforms.
• Defines and executes assigned projects, including contributing towards the development and dissemination of Tabletop Exercises (TTXs).
• Able to create and execute short to medium term strategies focused on exposure and incident response capabilities.
• Mentor and train junior and mid‑level analysts in advanced analytical techniques.
• Accurately document findings and provide suggested remediations with appropriate justifications.
• Present findings to technical audiences as well as senior leaders.

What You’ll Need

• 7+ years of Incident Response, Security Operations, Threat Defense, Threat Hunt, Adversary Emulation (e.g., Red, Blue, Purple Teaming), and/or Disaster Recovery and Business Continuity experience in an enterprise setting.
• Bachelor’s Degree or equivalent experience in Cyber Security, Information Technology, Information Assurance, or a related field.
• Strong experience designing, planning, implementing and executing incident response efforts across a variety of technologies and services including Web, mobile, network, IoT and Cloud.
• Familiarity with the NIST Cyber Security Framework (CSF), common security controls and their purposes, and technologies that supply those controls.
• Familiarity with using the MITRE ATT&CK and MITRE D3FEND frameworks to evaluate and enhance strategies against cyber threats.
• Experience with Threat Intelligence activities for enriching cyber operations data analysis and response.
• Experience with scripting languages such as Python and PowerShell.
• Experience coaching and teaching junior associates.
• Experience drafting reports for audiences that include both executive leadership and technical security engineers/analysts.
• Ability to collaborate, influence and coach a geographically distributed work group; and strong relationship‑management skills to include stakeholders, and holding team members across multiple levels accountable for commitments.
• Highly developed verbal and written communication skills (including an excellent ability to brief) at multiple levels, from analysts to executives; ability to work up and down the organization; and the ability to influence others to achieve results through building & maintaining partnerships.
• Ability to work effectively in a fast‑paced, demanding and fluid environment, remaining calm under pressure, and demonstrating excellent conflict‑management skills.

Preferred Qualifications

• Expert knowledge of Incident Response and Incident Command methodologies within cybersecurity and a global enterprise environment.
• Expert knowledge in modern Cyber Operations tools, platforms, and analysis (i.e., SOAR, SIEM, and sources of security data).
• Security certifications relating to Defensive Security (e.g., CISSP, CISA, CISM, GCIH, GCFA, etc.).
• Strong understanding of working as part of an internal Cybersecurity organization.
• Strong ability to develop advanced knowledge in specific fields and services, and to share insights and lessons learned to further enhance organizational preparedness.

Benefits

• Associate discount
• 401(k) match
• Medical, dental, and vision coverage
• Health Savings Account (HSA)
• Health care Flexible Spending Account (FSA)
• Life insurance
• Short‑ and long‑term disability
• Paid holidays, vacation, sick, bereavement, and parental leave
• Employee Assistance Program (EAP)
• Incentive programs for management
• Auto and home insurance discounts
• Tuition reimbursement and scholarship program
• Adoption and surrogacy assistance
• Smoking cessation support
• Child care and cell‑phone discounts
• Pet and legal insurance
• Credit union membership
• Referral bonuses

All benefits are subject to applicable plan or program terms (including eligibility terms) and may change from time to time.