• IS Security Analyst

    Menards, Inc. (Eau Claire, WI)


    IS Security Analyst

     

    Job#:403991

     

    Department:Information Systems

     

    Category:General Office

     

    Salary:Hourly

     

    Return To List

    Job Description

    Why Work for Menards?

     

    + Profit Sharing & Team Member Discount

    + Highly collaborative work environment

    + Monday – Friday work week

    + On campus coffee shop/cafeteria with live music!

    + Pay based on experience

    POSITION SUMMARY

    The Security Analyst assesses risks and security events across the enterprise, leveraging SIEM and other security tools to identify issues and support remediation. This position also contributes to the proper design, monitoring, and maintenance of security controls that safeguard Team Member and Guest information.

     

    This position requires a highly motivated, team-oriented person with strong communication skills. Relocation to Eau Claire, WI and minimal travel required.

    PRIMARY RESPONSIBILITIES

    Security Operations & Monitoring

     

    + Analyze alerts and reports generated by SIEM and other security tools to determine underlying causes, identify notable security events, and support timely remediation.

    + Recommend improvements to detection logic, dashboards, and monitoring practices to enhance visibility and reduce false positives.

    + Act as a resource to other IS teams by generating custom reports or insights as needed.

    + Support proactive hardening efforts by delivering relevant SIEM and security tool data to teams responsible for improving Active Directory security.

     

    Incident Response Support

     

    + Participate in incident response activities by documenting findings, collecting evidence, and communicating with internal teams.

    + Contribute to post-incident reviews by helping to identify process, control, or monitoring gaps, and recommending improvements.

    + Support continuous improvement of incident response playbooks by providing feedback and identifying opportunities to refine existing procedures.

     

    Risk Assessment & Security Governance

     

    + Support risk assessments for projects, system changes, and new technologies by evaluating potential threats and recommending safeguards.

    + Assist in maintaining and improving security policies, standards, and procedures.

    + Support compliance efforts (e.g., PCI DSS) by assisting with maintaining relevant documentation.

    + Support risk-based prioritization of security issues by assisting with tracking identified weaknesses and coordinating follow-up activities.

     

    Collaboration & Communication

     

    + Provide clear reporting on findings, trends, and identified security issues for use within the security team and related stakeholders.

    + Serve as a resource to other IS teams, offering guidance on secure configurations and proactive hardening.

    + Other tasks as assigned by manager

    Skills/Requirements

    POSITION REQUIREMENTS

    + Bachelor’s or Associate’s degree in Cyber Security, Computer Science, MIS, a related field, or equivalent work experience.3+ years of Information Systems experience, including at least 2 years in Information Security.

    + One or more practitioner-level certifications such as CompTIA CySA+, ISC2 SSCP, ISACA CISA, or GIAC GSEC.

    + Excellent analytical skills for root-cause determination and resolution.

    + Experience creating or maintaining Information Security policies, procedures, standards, or guidelines.

    + Hands-on experience with security information and event management (SIEM) platforms like Splunk, CrowdStrike Next-Gen SIEM, QRadar, or similar platforms.

    + Ability to communicate technical findings clearly and concisely to both technical and non-technical audiences.

    + Demonstrated ability to assess security issues methodically and develop recommendations that appropriately address the underlying issues.

    + Ability to work independently and effectively manage multiple tasks.

    + Must work within designated normal office hours assigned or required by work.

    + May be required to work overtime and provide on-call support, including weekends and holidays.

    + Candidates must be eligible to work in the United States without sponsorship.

    PREFERRED QUALIFICATIONS

    + Proficiency in writing queries for SIEM platforms such as Splunk or CrowdStrike Next-Gen SIEM to support investigations and custom reporting.

    + SIEM certifications such as Splunk Core User or Splunk Power User.

    + Experience auditing security configurations of operating systems, including Microsoft Windows Server and enterprise Linux distributions.

    + Experience supporting cloud security efforts and evaluating configurations for adherence to established security standards.

    + Familiarity with security frameworks such as NIST CSF, and experience applying the MITRE ATT&CK framework in investigations or control evaluations.

    + Experience supporting security initiatives for hardening Active Directory, Azure AD, or other identity platforms.