Digital Security Analyst (Remote)

  • Abercrombie and Fitch Co.
  • Remote * (Columbus, OH, USA)
  • Jan 15, 2022
Analyst Telecommuting

Job Description

Job Description

The Digital Security Analyst will serve as a vital intermediary between Information Security and the ever-growing Data & Analytics, eCommerce, and Customer Facing Technology teams. They will be responsible for identifying and mitigating risks, ensuring that all parties are aware of each others roadmaps, and coming up with creative solutions to improve our customers security experience.


* Embedding with eCommerce, Data & Analytics, and Stores development teams tounderstand their immediate and future facing work
* Identifying risks to sensitive data that come along with working in a rapidly changing,customer-facing environment
* Collaborating with Scrum Masters and Program Managers to capture and prioritizefeatures that ensure customer data is handled in a secure fashion while still enabling ourteams to move quickly in pursuit of a personalized experience for our customers
* Teaming up with Strategy & Architecture and Information Security teams to researchemergent technology and data risks
* Informing the Information Security roadmap to help ensure that our team is ready forwhatever lies ahead
* Iterate upon Application Security Policy and training documents to ensure that alldevelopers within the organization are set up for success
* Architect 3rd Party Component and SaaS configurations to ensure that software isleveraged in a secure fashion
* Other assigned activities with the purpose of advancing our digital securityposture


* BA/BS Degree in Information Security, Computer Science, MIS, related field, orequivalent experience.
* 3+ years of experience in a related field in a Product Management, Software
Development, or Application Security role
* Experience in all phases of the software development life cycle, including featurediscovery
* Working knowledge of coding best practices
* Strong communication skills and a willingness to share opinions to a large group
* Understanding of basic application security concepts, including OWASP Top 10 andOWASP API Top 10 vulnerabilities
* Strong documentation skills to capture security concerns and follow-up on mitigationsteps
* Ability to perform prompted research exercises with minimal guidance