SOC Analyst

Location

United States

Posted

47 days ago

Seniority

Mid Level

Job Description

SOC Analyst

SAIC

SAIC is seeking a SOC Analyst to join our team providing Security Operations Services. This position is a member of the 24x7 security operations team. The role is remote within the US.

Primary job responsibilities include:

- Provide 24x7 monitoring and analysis of SIEM events to identify potential security risks and vulnerabilities
- Triage events and investigate to identify security incidents
- Log security incidents in the IT ticketing system
- Manage security incidents throughout their lifecycle to closure
- Coordinate with other, remote technical teams to investigate, document, and resolve issues
- Make recommendations for ongoing tuning and updates to the SIEM system
- Receive input from threat intelligence sources and analyze events to identify threats and risks
- Provide support for routine reporting
- Support ad-hoc data and investigation requests
- Conduct security and vulnerability scans as directed using established processes

SAIC® is a premier Fortune 500® mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives. We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.

Related Job Pages

More Security Analyst Jobs

Cyber Security Analyst

A+E Networks

A+E Networks is a leading global media company known for iconic brands such as A&E, The HISTORY Channel, Lifetime, and FYI. Founded in 1984 with two cable networks, A+E Networks ha

Security Analyst | 48 days ago

Cyber Security Analyst
Remote type: Flexible (Hybrid/Remote/In-Office)
Locations: New York
Time type: Full time
Job requisition ID: R0010549

Work Locations: With the exception of some select roles that have in-office requirements, A+E Global Media operates on a flexible model that allows for remote, hybrid or full time in office work (in certain locales). Office locations include New York City, Los Angeles, Chicago, and Stamford, CT. Our list of eligible states in which employees may work remotely includes: California, Connecticut, Florida, Georgia, Illinois, Indiana, Maryland, Massachusetts, Michigan, Minnesota, Nevada, New Hampshire, New Jersey, New York, North Carolina, Oregon, South Carolina, South Dakota, Texas, West Virginia, Wisconsin, and Wyoming.

Division Story

A+E’s Technology team is deep-rooted in the heart of our business. We have great people and great technologies, and together we take on the toughest challenges. As innovators, we choose to iterate, pivot, and adapt quickly. We’ve reinvented the way A+E leverages technology to produce and sell world-class content. We’ve modernized our core solutions and embraced a cloud first approach. Perched on the virtues of our “Technology Code”, we make technology better, create solutions together, and most of all, we have fun with it. Our team members are motivated individuals who help each other do remarkable things every day. Together we deliver best-in-class solutions that transform the way A+E works. If this sounds like something you want to be a part of, we want to hear from you!

Job Description

THE ROLE: Cyber Security Analyst

Cybersecurity is part of the Global Technology and Media Operations (GTMO) organization and is responsible for protecting A+E’s systems, data, and content across the company. The team works across corporate, consumer, and media supply chains.

This role sits within the Incident Management team and focuses on investigating and responding to security events across endpoint, identity, email, cloud, and network environments. The team uses a combination of internal capabilities and external partners to monitor and respond to threats.

The Cybersecurity Analyst partners with engineering and operational teams across the organization to investigate issues, contain threats, and improve how we detect and respond to security events.

MORE ABOUT WHAT YOU’LL DO:

- Respond to and investigate security alerts, events, and incidents in a timely manner
- Triage alerts and determine severity, scope, and potential impact
- Analyze activity across tools such as CrowdStrike, Microsoft Defender for O365, Zscaler, and Abnormal
- Support containment, remediation, and recovery actions during incidents
- Document findings, actions, and decisions in the ITSM platform and track incidents through closure
- Work with internal teams (Cloud, DevOps, Infrastructure, Client Services, AppSec) to investigate issues and execute containment and remediation actions
- Correlate data across multiple systems to validate threats and reduce false positives
- Identify gaps and contribute to improvements in detection, alerting, and response processes

BASIC REQUIREMENTS:

- Bachelor’s degree in Computer Science, Information Technology, or equivalent experience is preferred
- 4+ years of experience in cybersecurity or information security, including at least 2 years in incident response or security investigations
- Hands-on experience analyzing and responding to security events, including log analysis, research, and coordinating across multiple tools and teams
- Experience with endpoint detection and response tools (e.g., CrowdStrike) and SIEM platforms
- Experience investigating alerts across endpoint, identity, email, or network environments
- Familiarity with tools such as Microsoft Defender for O365, Zscaler, or similar platforms
- Experience working in cloud environments (AWS, Azure, or similar)
- Strong analytical, problem-solving, and communication skills, with the ability to manage multiple tasks

THE IDEAL CANDIDATE WILL HAVE:

- Experience with AI phishing tools such as Abnormal Security or similar email security platforms
- Experience with identity and access management (e.g., Okta, Entra ID)
- Experience with vulnerability management tools (e.g., Qualys)
- Experience working with data pipeline or log management tools (e.g., Cribl)
- Experience with cloud security and incident response, especially in AWS
- Cybersecurity certifications (e.g., Security+, CySA+, GCIA, GCIH, or similar), especially in incident response, threat intelligence, or threat hunting
- Cloud certifications are a plus

Compensation

Annual Pay Range: $100,870 - $116,000
Annual Incentive Target: 7.50%

The annual/hourly pay range displayed serves as a good faith estimate of the minimum and maximum base pay range for this role. Compensation for the role will be based on a number of different factors such as a candidate’s qualifications, skills, competencies, location, and experience. A+E offers a competitive total compensation package, which includes healthcare coverage, 401k matching, and a range of other benefits. Learn more at www.aegm.com/careers.

A+E Global Media proudly provides equal employment opportunity for all employees and job applicants, and makes employment decisions consistent with this principle. The company’s employment actions and decisions – including recruitment, hiring, training, promotion, demotion, compensation, transfer, layoff, and termination – are made without regard to an employee’s race, color, religion, creed, age, national origin, ancestry, sex (which includes pregnancy, childbirth, breastfeeding, and related medical conditions), gender, sexual orientation, gender identity, gender expression, marital status, alienage or citizenship status, physical and/or mental disability, medical condition, family and medical leave status, genetic information, military or veteran status, or any other characteristic protected by applicable law. A+E Global Media is a joint venture of the Hearst Corporation and The Walt Disney Company. We are proud to be an Affirmative Action/Equal Opportunity Employer/Disabled/Veterans.

California + 21 more
All locations: California | Connecticut | Florida | Georgia | Illinois | Indiana | Maryland | Massachusetts | Michigan | Minnesota | New Hampshire | Nevada | New Jersey | North Carolina | New York | Oregon | South Carolina | South Dakota | Texas | West Virginia | Wyoming | Wisconsin
$100.9K - $116K / year

Cybersecurity Analyst

L.L.Bean

For more than a century, L.L.Bean has specialized in high-quality apparel, accessories, outdoor equipment, home goods, and outdoorsman advice. Founded as a one-

Security Analyst | 48 days ago
Full Time | Remote | Team 1,001-5,000

At L.L.Bean, we believe the outdoors brings out the best in all of us. We are committed to fostering a culture of belonging and creating safe, inclusive spaces where everyone feels welcome—both here and Outside. We value individual differences and are dedicated to maintaining an inclusive work environment where everyone can bring the best of their experience and talents and truly thrive.

Position Purpose

Contributes to the Information Security and Compliance team's Response and Run activities. Responsible for the execution, support, and stewardship of cybersecurity incident response, alert and vulnerability monitoring, and program initiative execution. Works closely with the GRC Risk Team to report and monitor cybersecurity risk.

We offer:

- Extraordinary employee experience
- Flexible schedule
- Work from home up to 5 days a week
- Fitness subsidy
- Education subsidy
- 3 paid days to enjoy outdoor activities
- 5 Personal/sick days
- L.L.Bean employee discount
- Solidarity association (asociación solidarista)
- Life and medical insurance
- Company doctor

About the role:

- Monitor, operate, and maintain information security and compliance program infrastructure according to department strategy and business requirements.
- Collaborate with business leaders, architects, engineers, and application development teams to implement scalable, sustainable, and measurable IT solutions.
- Collaborate with technical leads, architects, and analysts on evaluating new tools and solutions for security components, compliance, and functionality.
- Support the Risk team through security-related risk consultation and threat analysis.
- Provide technical leadership for cybersecurity tools.
- Collaborate with internal clients in support of technology requirements.
- Participate in 24x7 on-call rotation for alerts and Incident Response for all technical, security related events.
- Participate in capacity planning and hardware/software budget planning.
- Participate and act as an IT leader during Incident Response Plan (IRP) review, testing, and execution.
- Assist other analysts and engineers to utilize security tools and execute processes and procedures effectively.
- Act as an information security and compliance consultant to enterprise projects as a subject matter expert.
- Drive and employ standards within the context of job responsibilities.
- Understand and apply change management procedures/principles.
- Provide management with status reports and participate in program reporting.
- Produce documentation for service portfolio.
- Operationalize initiatives from engineering and ensure timely delivery, measured execution, process documentation, and continual improvement.
- Other duties as assigned.

About you:

Education: 4-Year Bachelor's Degree in Computer Science, Cybersecurity, or a related field; or equivalent hands-on SOC / Incident Response experience.
Experience: 3-5+ years in Cybersecurity
English Level: C1 (Advanced)

Skills and Qualifications

- Ability to operate effectively in a fast‑paced, high‑pressure Security Operations environment, including handling multiple concurrent security incidents.
- Prior experience in a SOC and/or Incident Response role, including triage, investigation, containment, eradication, and recovery activities.
- Strong working knowledge of enterprise security technologies such as SIEM, SOAR, EDR/XDR, IDS/IPS, email security, and vulnerability management tools.
- Demonstrated experience analyzing and responding to security alerts across endpoints, networks, cloud, and applications.
- Strong analytical and problem-determination skills for investigating complex security incidents in large enterprise environments.
- Experience performing incident documentation, root cause analysis, and post-incident reporting including lessons learned and improvement recommendations.
- Ability to participate in a 24x7 on-call rotation and respond to high-severity security incidents outside normal business hours when required.
- Proven ability to write clear, concise, and accurate technical and executive-level incident reports, timelines, and metrics.
- Excellent written and verbal communication skills, with the ability to clearly explain technical findings to both technical teams and non-technical stakeholders.
- Strong team skills including collaborative problem solving, coordination during live incidents, and effective communication under pressure.
- Hands-on experience with:
  - Networking fundamentals (TCP/IP, DNS, HTTP/S, VPNs)
  - Windows and *NIX operating systems
  - Virtualized and cloud environments
  - Application and Internet-facing security threats
- Scripting and automation experience is a plus, including Python, PowerShell, Bash, or similar languages, especially for investigation, enrichment, or response workflows.
- Security certifications are a plus, such as GCIH, GCED, GCIA, CISSP, CISA, CISM, or equivalent IR-focused credentials.

If you care about the outdoors, joining L.L.Bean is a great way to feel good about what you do. Our benefits package makes a good thing even better, with programs and perks designed to support your health and financial goals. Plus, maintaining a healthy work-life balance and re-charging outside are all part of the plan. If your experience looks a little different from what we've identified and you think you'd be great at this role, we'd love to learn more about you!

At L.L.Bean, we believe the outdoors brings out the best in all of us. We strive to reflect this every day in our commitments to employees and partners and in our efforts to promote belonging.

Costa Rica

Staff GRC Analyst

Vercel

The platform for frontend developers. Creators and maintainers of Next.js.

Security Analyst | 48 days ago
Full Time | Remote | Team 201-500 | Since 2016 | H1B Sponsor

About Vercel:

Vercel gives developers the tools and cloud infrastructure to build, scale, and secure a faster, more personalized web. As the team behind v0, Next.js, and AI SDK, Vercel helps customers like Ramp, Supreme, PayPal, and Under Armour build for the AI-native web. Our mission is to enable the world to ship the best products. That starts with creating a place where everyone can do their best work. Whether you're building on our platform, supporting our customers, or shaping our story: You can just ship things.

About the role:

We are looking for a Staff GRC Analyst to join our Governance, Risk, and Compliance (GRC) team. You will have the opportunity to enhance our global compliance posture and further our commitment to managing enterprise risk. Your role will be instrumental in ensuring that our company operates in accordance with security requirements and embodies an environment where it’s everyone’s responsibility. This role will help shape the next iteration of the GRC program and further embed compliance requirements into the business.

Think you may not have all the skills and are hesitant to apply? There is no “perfect” candidate, and we encourage you to apply if you think that you can bring value to our team and are passionate and committed to upholding the highest standards of compliance and ethics.

If you’re based within a pre-determined commuting distance of one of our offices (SF, NY, London, or Berlin), the role includes in-office anchor days on Monday, Tuesday, and Friday, even if the role is listed as remote. For location-specific details, please connect with our recruiting team.

Getting started:

- We want you to feel like part of the team early on! Our team will help integrate you into the company with explanations on our product, policies, processes, team structure and roadmap.
- We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and up-level the team, but we don’t expect you to know everything on Day 1.

What you will do:

- Own and scale commercial attestation program and audits (i.e., SOC 2, ISO 27001, PCI DSS, etc.) while maintaining alignment with business objectives and market demand.
- Design and strengthen continuous monitoring processes to improve control effectiveness and mature control implementation from audit-ready to always-ready.
- Drive evolution of security and compliance control frameworks that set the direction for proactive risk management.
- Partner with cross-functional stakeholders, acting as a strategic connector to plan, implement, maintain & remediate control activities and supporting requirements (e.g. policies, standards, processes, system configurations, etc.)
- Champion a culture of compliance accountability and business-enablement across the organization through autonomous program governance and reporting and building trusted relationships.

About you:

- Experience managing and running audits, certification programs and enterprise control assessments, including scope planning, defining requirements, policy and standards development, and control testing
- Deep knowledge of audit processes, evidence requirements, and remediation lifecycle management for security and compliance frameworks (i.e., SOC 2, ISO 27001, PCI DSS)
- Proven experience owning large-scale GRC programs, collaborating with technical and non-technical teams and driving initiatives to completion

Bonus if you have:

- Familiarity with data governance, compliance or software development tools and systems (e.g., Drata, Linear, GitHub, etc.)
- Experience supporting cloud, AI-native, and open source development environments and systems
- Experience with FedRAMP or NIST frameworks, such as 800-53, AI RMF
- Security certifications (e.g. CISA, CISSP)

Benefits:

- Competitive compensation package, including equity.
- Inclusive Healthcare Package.
- Learn and Grow - we provide mentorship and send you to events that help you build your network and skills.
- Flexible Time Off.
- We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

The San Francisco, CA base pay range for this role is $180,000.00 - $270,000.00. Actual salary will be based on job-related skills, experience, and location. Compensation outside of San Francisco may be adjusted based on employee location. The total compensation package may include benefits, equity-based compensation, and eligibility for a company bonus or variable pay program depending on the role. Your recruiter can share more details during the hiring process.

Vercel is committed to fostering and empowering an inclusive community within our organization. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, national origin, citizenship, age, marital status, veteran status, disability status, or any other characteristic protected by law. Vercel encourages everyone to apply for our available positions, even if they don't necessarily check every box on the job description.

United States
$180K - $270K / year
Job Closed

Senior Cyber Security Analyst

Baringa

Putting people first. Creating impact that lasts.

Security Analyst | 50 days ago
Contract | Remote | Team 1,001-5,000 | Since 2000 | H1B No Sponsor

• Conduct advanced investigations escalated from the MDR SOC and internally identified threats, including root cause analysis, evidence gathering, containment, and remediation across Microsoft Sentinel and Defender XDR.
• Support incident response activities through the full lifecycle - detection, analysis, containment, eradication, recovery, and lessons learned - and contribute to the development of IR playbooks and procedures.
• Contribute to MSSP oversight and quality assurance - reviewing escalation quality, providing feedback, and participating in joint detection tuning sessions.
• Develop and execute threat hunts based on threat intelligence, MITRE ATT&CK gap analysis, and incident learnings, converting findings into detection rules or tuning recommendations.
• Author and deploy detection content (KQL analytics rules) in Microsoft Sentinel, supporting the team's efforts to expand MITRE ATT&CK coverage and reduce detection gaps.
• Support vulnerability management activities, including assessment of identified vulnerabilities, prioritisation, and coordination with the Technology team on remediation.
• Produce operational metrics and MI reporting in support of governance and stakeholder reporting.
• Mentor junior analysts, providing technical guidance on investigations, KQL development, and threat analysis techniques.

United Kingdom
Job Closed