At L.L.Bean, we believe the outdoors brings out the best in all of us. We are committed to fostering a culture of belonging and creating safe, inclusive spaces where everyone feels welcome, both here and Outside. We value individual differences and are dedicated to maintaining an inclusive work environment where everyone can bring the best of their experience and talents and truly thrive.
Position Purpose
Contributes to the Information Security and Compliance team's Response and Run activities. Responsible for the execution, support, and stewardship of cybersecurity incident response, alert and vulnerability monitoring, and program initiative execution. Works closely with the GRC Risk Team to report and monitor cybersecurity risk.
We offer:
Extraordinary employee experience
Flexible schedule
Work from home up to 5 days a week
Fitness subsidy
Education subsidy
3 paid days to enjoy outdoor activities
5 Personal/sick days
L.L.Bean employee discount
Solidarity association (Asociación Solidarista)
Life and medical insurance
Company doctor
About the role:
Monitor, operate, and maintain information security and compliance program infrastructure according to department strategy and business requirements.
Collaborate with business leaders, architects, engineers, and application development teams to implement scalable, sustainable, and measurable IT solutions.
Collaborate with technical leads, architects, and analysts on evaluating new tools and solutions for security components, compliance, and functionality.
Support the Risk team through security-related risk consultation and threat analysis.
Provide technical leadership for cybersecurity tools.
Collaborate with internal clients in support of technology requirements.
Participate in 24x7 on-call rotation for alerts and Incident Response for all technical, security-related events.
Participate in capacity planning and hardware/software budget planning.
Participate and act as an IT leader during Incident Response Plan (IRP) review, testing, and execution.
Assist other analysts and engineers to utilize security tools and execute processes and procedures effectively.
Act as an information security and compliance consultant to enterprise projects as a subject matter expert.
Drive and employ standards within the context of job responsibilities.
Understand and apply change management procedures/principles.
Provide management with status reports and participate in program reporting.
Produce documentation for service portfolio.
Operationalize initiatives from engineering and ensure timely delivery, measured execution, process documentation, and continual improvement.
Other duties as assigned.
About you:
Education: 4-Year Bachelor's Degree in Computer Science, Cybersecurity, or a related field; or equivalent hands-on SOC / Incident Response experience.
Experience: 3-5+ years in Cybersecurity
English Level: C1 (Advanced)
Skills and Qualifications
Ability to operate effectively in a fast-paced, high-pressure Security Operations environment, including handling multiple concurrent security incidents.
Prior experience in a SOC and/or Incident Response role, including triage, investigation, containment, eradication, and recovery activities.
Strong working knowledge of enterprise security technologies such as SIEM, SOAR, EDR/XDR, IDS/IPS, email security, and vulnerability management tools.
Demonstrated experience analyzing and responding to security alerts across endpoints, networks, cloud, and applications.
Strong analytical and problem-determination skills for investigating complex security incidents in large enterprise environments.
Experience performing incident documentation, root cause analysis, and post-incident reporting including lessons learned and improvement recommendations.
Ability to participate in a 24x7 on-call rotation and respond to high-severity security incidents outside normal business hours when required.
Proven ability to write clear, concise, and accurate technical and executive-level incident reports, timelines, and metrics.
Excellent written and verbal communication skills, with the ability to clearly explain technical findings to both technical teams and non-technical stakeholders.
Strong team skills including collaborative problem solving, coordination during live incidents, and effective communication under pressure.
Hands-on experience with:
Networking fundamentals (TCP/IP, DNS, HTTP/S, VPNs)
Windows and *NIX operating systems
Virtualized and cloud environments
Application and Internet-facing security threats
Scripting and automation experience is a plus, including Python, PowerShell, Bash, or similar languages, especially for investigation, enrichment, or response workflows.
Security certifications are a plus, such as GCIH, GCED, GCIA, CISSP, CISA, CISM, or equivalent IR-focused credentials.
If you care about the outdoors, joining L.L.Bean is a great way to feel good about what you do. Our benefits package makes a good thing even better, with programs and perks designed to support your health and financial goals. Plus, maintaining a healthy work-life balance and re-charging outside are all part of the plan.
If your experience looks a little different from what we've identified and you think you'd be great at this role, we'd love to learn more about you! At L.L.Bean, we believe the outdoors brings out the best in all of us. We strive to reflect this every day in our commitments to employees and partners and in our efforts to promote belonging.