Security Analyst III

Discovery is at the centre of everything we do. Wherever you find us around the world, if you can think of a product, you can probably find it in our stores. We are part of the TJX Family which includes TK Maxx, and Homesense in Europe and the UK and across the rest of the world you will find us as TJ Maxx, Marshalls, HomeGoods, Sierra and Winners.With variety comes plenty of surprises—our is ever-changing, and that’s just how we like it. Every day is an opportunity to discover something new about our business, our partnerships and even something exciting about yourself. Are you ready to Discover Different? Security Engineer (IAM / Active Directory) TJX is seeking a passionate Directory Security Engineer to join our growing IAM Team. As a member of TJX IAM, you will play a key role in improving how Identity operates at TJX, bringing in best practices and learning through hands-on experience with leading security tools and practices. Join a passionate, collaborative team poised to change how TJX associates work, making it easier to do their jobs and be more productive on day one, while also better protecting company data. This role will deliver on Active Directory and Azure AD enhancements to deliver IAM services in a more consistent, high-quality manner while keeping TJX safe. Responsibilities Partner with IT Security experts from the Cyber Security organization (SOC, Endpoint, Network) and IAM peers to design and implement new security solutions Support Active Directory and Azure AD security projects Providing Subject Matter Expertise for the security hardening of Active Directory and Azure AD Creating, Modifying, and assessing Group Policy Objects as they relate to Identity and machines in AD and how they are secured, governed, enabled and monitored Using scripting techniques, such as powershell, to report on or make bulk modifications to Active Directory and Azure AD identities and data. Authoring custom scripts as well as troubleshooting existing scripts used by the team to monitor, report on and manipulate AD or Azure AD data Create and maintain technical documentation and diagrams depicting solutions built, and technical & process gaps. Serve as a technical expert to level 1 and level 2 teams having issues with Active Directory or Azure AD Provide after hours and on-call level 2/3 support as part of a rotation Minimum Qualifications: Passionate about cyber security and Identity Management, eager to use existing skills to improve the IAM capabilities of TJX and extend skills and knowledge through new IAM experiences Experience supporting an Active Directory and/or Azure AD hardening the security of Active Directory/Azure, responding to audit or security review findings Experience working in a large organization within Information Technology Bachelor’s degree in Cyber Security, Information Technology or related field or equivalent experience Additional Qualifications Experience working in a regulated such as SOX, PCI, FDA or EMEA Working knowledge of Unix/Linux or Oracle identity (such as Centrify, OIDCS, OID) Knowledge of the NIST Cyber Security Framework (CSF), NIST 800-53, Center for Internet Security (CIS) and best practices for Cyber Security Standards and how to apply them in enterprise Certifications: CISSP, MCSE: Server Infrastructure, MCSA: Windows Server 2012, MCITP: Enterprise Administrator on Windows Server 2008 Advanced Degree in Cyber Security, Information Technology or related field Experience diagraming complex technical integrations & processes within Visio or similar workflow or data modeling tool Come and Discover Different at TJX. From opportunity and teamwork to growth, we think you’ll find that it’s so much more than a job. When you’re a part of our global TJX family, you have the full support of a diverse, close-knit group of people dedicated to finding the greatest deals and fantastic style. Best of all? They have a lot of fun doing it. We care about our culture, but we also prioritise the important things like competitive salaries, solid benefits and plenty of room to grow in your role. It’s our way of empowering you to make your career here. We consider all applicants for employment without regard to age, disability, gender, gender reassignment, marriage and civil partnerships, pregnancy and maternity, race, religion or belief and/or sexual orientation.