IT Security Analyst

About The Company
e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our multi-brand portfolio includes e.l.f. Cosmetics, e.l.f. SKIN, pioneering clean beauty brand Well People, Keys Soulcare, a groundbreaking lifestyle beauty brand created with Alicia Keys and Naturium, high-performance, biocompatible, clinically-effective and accessible skincare.

In our Fiscal year 25, we had net sales of $1 Billion and our business performance has been nothing short of extraordinary with 26 consecutive quarters of net sales growth. We are the #2 mass cosmetics brand in the US and are the fastest growing mass cosmetics brand among the top 5. Our total compensation philosophy offers every full-time new hire competitive pay and benefits, bonus eligibility (200% of target over the last four fiscal years), equity, and a hybrid 3 day in office, 2 day at home work environment. We believe the combination of our unique culture, total compensation, workplace flexibility and care for the team is unmatched across not just beauty but any industry.

Visit our Career Page to learn more about our team:

Our Information Technology team is seeking an additional team member to manage the security measures to protect e.l.f.'s systems, networks, and data. Under the direction of the IT Security Manager, the IT Security Analyst is responsible for the day-to-day operations of the in-place security solutions, participate in the detection, identification, investigation, and resolution of security breaches detected by those systems. The position is also responsible for setting guidelines and procedures as well as conducting vulnerability audits and assessments. Other tasks may include involvement in the implementation of new security solutions, monitoring the networks for security issues, installing security software, and documenting any security issues or breaches.

The IT Security Analyst is expected to be fully aware of the company's security framework and roadmap goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Responsibilities

• Participate in the planning and design of corporate security architecture
• Demonstrate foresight in recognizing potential or existing security issues, vulnerabilities, and threats and work with cross-functional teams to implement remediation
• Recommend additional security solutions or enhancements to current security solutions to improve overall enterprise security
• Perform the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions following standard best operating procedures generically and the enterprise's security documents specifically
• Participate in the creation of corporate security documents (policies, standards, baselines, guidelines, and procedures)
• Participate in the planning and design of the corporate Business Continuity Plan and Disaster Recovery Plan
• Stay up-to-date on the latest security intelligence, including hackers' methodologies, in order to anticipate security breaches
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they are under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.)
• Tune security events and correlation from applicable security products and sources
• Perform network traffic analysis, host behavior analysis, PC forensics, kill chain, windows event analysis, etc. to effectively detect and protect company assets
• Produce a monthly security operations dashboard with key performance indicators (incidents, metrics, security threats, intelligence, etc.)

Requirements

• Bachelor's degree in Information Technology or Information Security or substantial work experience required
• Must have 3 years of hands-on working knowledge of various security technologies (PAN or Cisco Firewalls and VPN, NAC, Endpoint Protection Platforms, File Integrity Management, IPS/IDS, Application Firewalls, Vulnerability Scanner, Web Proxy, Content Filtering, MFA, SIEM Logging & Monitoring, and DLP)
• 3 years of hands-on experience in incident management with critical incident and security event response
• Good working experience implementing network and host security policies
• Good working knowledge of cloud and email infrastructure security
• Ability to work and lead on multiple projects simultaneously
• Strong understanding of IP, TCP/IP, and other network administration protocols
• Excellent interpersonal skills and ability to communicate on all levels with management and all end-users

This job description is intended to describe the general nature and level of work being performed in this position. It also reflects the general details considered necessary to describe the principal functions of the job identified, and shall not be considered, as detailed description of all the work required inherent in the job. It is not an exhaustive list of responsibilities, and it is subject to changes and exceptions at the supervisors' discretion.
e.l.f. Beauty respects your privacy. Please see our Job Applicant Privacy Notice ) for how your personal information is used and shared.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.