Lead, Intelligence Analyst

Description

About Estee Lauder Companies

The Estee Lauder Companies is the global leader in prestige beauty - delighting consumers with transformative products and experiences, inspiring them to express their individual beauty. We are the only company focused solely on prestige makeup, skin care, fragrance, and hair care with a diverse portfolio of 25+ brands sold in approximately 150 countries and territories. Infused throughout our organization is a passion for creativity and imagination - a desire to push the boundaries and invent the unexpected - as we continue the bold work of our founder Estee Lauder.

Who We Are

Do you want to be part of the team catalyzing digital innovation, harnessing the power of data, and transforming the fabric of security across the world's most prestigious beauty, skincare, and luxury fragrance brands? Then join the information security and technology team, Enterprise Cybersecurity & Risk (ECR) at Estee Lauder Companies (ELC). The ECR team fuels cyber-defense, technology excellence, risk and compliance, and global resilience. We stay on the forefront of cyber threats to deliver fit for purpose tools, technologies, and processes that protect ELC's business operations and empower secure strategic growth. If you thrive in change rich entrepreneurial environments, then this is the team for you. From our fast-paced delivery plans to our global team expansion, this is an exciting time to join us!

What You'll Do

Positioned within the Cyber Threat Intelligence (CTI) team within the Cyber Threat Management Center (CTMC) of ECR at ELC, the Lead Intelligence Analyst role is pivotal in analyzing and comprehending adversarial capabilities, infrastructure, and Tactics, Techniques, and Procedures (TTPs). This understanding drives targeted and prioritized cybersecurity operations by delivering timely, actionable intelligence to ELC stakeholders. The ideal candidate is an independent, critical thinker adept at meeting tight deadlines while satisfying intelligence requirements. They analyze adversaries' intent and capabilities to assess impact and severity on the environment, working on moderate to highly complex assignments requiring in-depth evaluation of variable factors.

You will be responsible for:

• Identifying, analyzing, reporting, and prioritizing cyber threats using open and closed source intelligence to investigate adversary behavior in partnership with the CTMC and other ECR teams.

• Maintaining cyber-threat trend and risk awareness that can affect ELC as it relates to the intersection of geopolitics, third-party / supply-chain risk, vulnerabilities, and the cyber-threat landscape.

• Monitoring, reviewing, and analyzing internal, open source, and dark web datasets to extract threat information, adding value to ECR cyber-defense efforts.

• Spearhead the team in conducting comprehensive technical analyses utilizing industry-accepted threat intelligence frameworks, tools, and standards.

• Direct the application of current cyber threat actor, campaign, and associated TTP knowledge to fortify and improve cyber-defense activities continuously.

• Supervise the creation and delivery of actionable written and verbal intelligence products tailored for tactical, operational, and strategic audiences, facilitating informed decision-making by organizational leaders.

• Lead the team in generating customized, actionable products derived from analyzed threat campaigns, external/internal events, and incidents.

• Direct the development of analytical hypotheses, overseeing the research/analysis process to validate findings and effectively communicate them to stakeholders.

• Supervise the provision of accurate, priority-driven analysis of cyber activity / threats, ensuring complex operational/technical topics are effectively presented to senior leadership and stakeholders.

• Lead the provision of threat expertise on cybersecurity remediation countermeasures during incident response efforts and continuous mitigation efforts to support the business.

• Oversee the establishment and maintenance of excellent working relationships/partnerships with cybersecurity and infrastructure support teams across the organization and various business segments.

• Lead collaboration efforts with other CTMC and ECR teams to deliver timely and actionable intelligence, influencing ECR strategy based on relevant threats.

• Direct the development and refinement of cyber threat intelligence collection and analysis processes to enhance efficiency and effectiveness.

• Oversee the collection and analysis of artifacts, including malicious executables, scripts, documents, and packet captures, ensuring thorough investigation and documentation.

• Supervise the generation of presentations illustrating research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.

• Provide managerial input for the development of objectives, key results, and program metrics to drive success.

• Oversee the maintenance or development of professional contacts in various communities to support operational needs.

• Supervise the collaboration and sharing of intelligence with industry groups such as the ISACs, federal, state, local agencies, and international partners to enhance collective security efforts.

What We Offer

• Medical/Dental/Vision Insurance

• Extensive Paid Parental Leave and Adoption Assistance

• Learning & Education Assistance

• Student Loan Contributions

• PTO for Volunteer Work

• Child and Elder Care Assistance

• 401(k) Savings Plan and match

• Pension Plan/Retirement Growth Account

• Stock Purchase Programs

• Quarterly Product Allowance and Employee Discounts

Qualifications:

Who You Are

• 3-7 years of cybersecurity, threat intelligence, or IT experience; experience in leading people or initiatives is a plus.

• 3-5 years of operational or tactical cyber threat analysis experience.

• Experience in one or more cybersecurity functions such as Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection / Prevention, Monitoring, Incident Response, or Digital Forensics.

• Experience and working knowledge of the MITRE ATT&CK® Framework, to include threat groups, tactics, techniques, procedures, data sources, and mitigations.

• Familiarity with the NIST Cybersecurity Framework, Center for Internet Security Critical Security Controls.

• Preferred education: Bachelor's degree in IT, Computer Science, Intelligence, or equivalent experience.

• Preferred certifications: CISSP, GCTI, GREM, OSCP, or similar are beneficial.

The anticipated base salary range for this position is $98,500 to $165,750. Exact salary depends on several factors such as experience, skills, education, and budget. Salary range may vary based on geographic location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results as well as participation in the share incentive plan.

In addition, The Estee Lauder Companies offers a variety of benefits to eligible employees, including health insurance coverage, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education-related programs, paid holidays and vacation time, and many others. Many of these benefits are subsidized or fully paid for by the company.