E.L.F. BEAUTY - IT Security Analyst

Position Title : IT Security Analyst

Location : Ahmedabad, Gujarat/India - Remote

Employment Type : Full-Time

Shift hours : 7 :30 PM to 4 :30 AM for first 2 weeks for training and gradually shift to 5 :30 PM to 2 :30AM.

Exp : 3 to 10 Years

About the Company :

e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free
beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and
driven our portfolio expansion.

Today, our multi-brand portfolio includes e.l.f. Cosmetics, e.l.f. SKIN, pioneering clean beauty brand Well People, Keys Soulcare, a groundbreaking lifestyle beauty brand created with Alicia Keys and Naturium, high-performance, biocompatible, clinically-effective and accessible skincare.

In our Fiscal year 24, we had net sales of $1 Billion and our business performance has been nothing short
of extraordinary with 23 consecutive quarters of net sales growth. We are the #2 mass cosmetics brand
in the US and are the fastest growing mass cosmetics brand among the top 5.

Our total compensation philosophy offers every full-time new hire competitive pay and benefits, bonus eligibility (200% of target over the last four fiscal years), equity, and a hybrid 3 day in office, 2 day at home work environment.

We believe the combination of our unique culture, total compensation, workplace flexibility and care for the
team is unmatched across not just beauty but any industry.

Position Summary :

Our Information Technology team is seeking an additional team member to manage the security measures to protect e.l.f.'s systems, networks, and data. Under the direction of the IT Security Manager, the IT Security Analyst is responsible for the day-to-day operations of the in-place security solutions, participate in the detection, identification, investigation, and resolution of security breaches detected by those systems.

The position is also responsible for setting guidelines and procedures as well as conducting vulnerability audits and assessments. Other tasks may include involvement in the implementation of new security solutions, monitoring the networks for security issues, installing security software, and documenting any security issues or breaches.

The IT Security Analyst is expected to be fully aware of the company's security framework and roadmap
goals as established by its stated policies, procedures, and guidelines and to actively work towards
upholding those goals.

Responsibilities :

- Participate in the planning and design of corporate security architecture

- Demonstrate foresight in recognizing potential or existing security issues, vulnerabilities, and threats and work with cross-functional teams to implement remediation

- Recommend additional security solutions or enhancements to current security solutions to improve overall enterprise security

- Perform the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions following standard best operating procedures generically and the enterprise's security documents specifically

- Participate in the creation of corporate security documents (policies, standards, baselines, guidelines, and procedures)

- Participate in the planning and design of the corporate Business Continuity Plan and Disaster Recovery Plan

- Stay up-to-date on the latest security intelligence, including hackers' methodologies, in order to anticipate security breaches

- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they are under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.)

- Tune security events and correlation from applicable security products and sources

- Perform network traffic analysis, host behavior analysis, PC forensics, kill chain, windows event analysis, etc. to effectively detect and protect company assets

- Produce a monthly security operations dashboard with key performance indicators (incidents, metrics, security threats, intelligence, etc.)

Requirements :

- Bachelor's degree in Information Technology or Information Security or substantial work experience required

- Must have 3 years of hands-on working knowledge of various security technologies (PAN or Cisco Firewalls and VPN, NAC, Endpoint Protection Platforms, File Integrity Management, IPS/IDS, Application Firewalls, Vulnerability Scanner, Web Proxy, Content Filtering, MFA, SIEM Logging & Monitoring, and DLP)

- 3 years of hands-on experience in incident management with critical incident and security event response

- Good working experience implementing network and host security policies

- Good working knowledge of cloud and email infrastructure security

- Ability to work and lead on multiple projects simultaneously

- Strong understanding of IP, TCP/IP, and other network administration protocols

- Excellent interpersonal skills and ability to communicate on all levels with management and all end-users

One or more of the following certifications are desirable :

- Certified Information Systems Security Professional (CISSP)

- CompTIA Security+

- GIAC Information Security Fundamentals

- CCNA and/or MSCE/MCITP Enterprise Administrator

- Associate of (ISC)2

Personal Attributes :

- Proven analytical and problem-solving abilities.

- Ability to effectively prioritize and execute tasks in a high-pressure environment.

- Excellent written, oral, and interpersonal communication skills.

- Ability to conduct research into IT security issues and products as required