Security Analyst

3 days ago

Raleigh, NC, United States Advance Auto Parts Full time
Job Description

We are seeking a highly motivated Cyber Risk Analyst to join our Governance, Risk, and Compliance (GRC) team within Information Security (InfoSec). In this role, you will identify, evaluate, and monitor security risks across a complex, high-volume retail ecosystem including stores, distribution centers, cloud environments, and enterprise systems and applications. You will partner closely with technology, compliance, and business stakeholders to ensure risks are understood, documented, and treated in alignment with our cybersecurity strategy, risk management framework, and industry best practices.

This position is Hybrid (4 days in office, 1 day remote), based at our corporate headquarters in Raleigh, North Carolina. Flexibility for occasional travel may be required.

Key Responsibilities

Risk Evaluation
  • Conduct security risk assessments across applications, infrastructure, and operations.
  • Analyze technical and business impacts, likelihood, and severity of identified risks.
  • Document risks clearly in the InfoSec risk register, ensuring accuracy, completeness, and traceability.
  • Evaluate proposed controls for adequacy and provide recommendations based inherent risk.
Risk Treatment
  • Document risk treatment plans including mitigation strategies, compensating controls, ownership, and timelines.
  • Collaborate with risk owners to ensure treatment plans are actionable and aligned with business priorities.
  • Track and report on treatment progress, risk acknowledgements, and residual risk.
  • Escalate critical risk items and overdue treatments to leadership as needed.
Monitoring
  • Support ongoing risk monitoring and reporting activities, including dashboards and scorecards for senior leadership.
  • Facilitate risk review meetings with technology and business owners.
  • Maintain metrics to measure risk posture and treatment effectiveness.
Incident & Issue Support
  • Collaborate with Security Operations, IT, and business teams to evaluate risks associated with security incidents, vulnerabilities, and audit findings.
  • Provide recommendations to reduce residual risk or strengthen overall control posture.
Compliance & Standards Alignment
  • Assist with aligning internal processes to regulatory and industry standards relevant to retail (PCI DSS, SOX ITGC, etc.).
  • Contribute to updates of internal policy, standard, and procedure.
Qualifications

Required
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent experience.
  • 2-4 years of experience in cybersecurity, IT audit, risk management, or related discipline.
  • Knowledge of common security frameworks (NIST CSF, NIST 800-53, ISO 27001, PCI DSS).
  • Experience conducting risk assessments and reviewing security controls.
  • Strong analytical, communication, and documentation skills.
  • Ability to translate technical details into clear business impacts.
Preferred
  • Experience in a large enterprise or retail environment.
  • Familiarity with GRC-related platforms (e.g., ServiceNow, OneTrust).
  • Understanding of cloud environments (AWS, Azure, GCP) and modern tech stacks.
  • Knowledge of Cyber Third-Party Risk Management and Compliance.


California Residents click below for Privacy Notice:

https://jobs.advanceautoparts.com/us/en/disclosures

  • IT Security Analyst

    21 hours ago

    Raleigh, NC, United States Global Channel Management Full time

    About the job IT Security Analyst IT Security Analyst needs 3+ years experience IT Security Analyst requires: IT security Cyber security Banking industry Finance industry IT Security Analyst duties: Supports Information Security and Cyber Threat management programs within the Bank at an advanced level of ability. Analyzes vulnerability and threat data to...

  • IT Security Analyst

    10 hours ago

    Raleigh, NC, United States Global Channel Management Full time

    About the job IT Security Analyst IT Security Analyst needs 3+ years experience IT Security Analyst requires: IT security Cyber security Banking industry Finance industry IT Security Analyst duties: Supports Information Security and Cyber Threat management programs within the Bank at an advanced level of ability. Analyzes vulnerability and threat data to...

  • Cyber Security Analyst III

    4 days ago

    Raleigh, NC, United States PLANIT Group Full time

    PlanIT Group is seeking a Cyber Security Analyst III to support our Federal customer in the Washington, DC area. The ideal candidate must demonstrate a solid understanding of cyber security analysis, incident response, incident handling, and a proven experience on an incident response team. Experience with Splunk, Sentinel One, Armis, SNA preferred. Job...

  • Cyber Security Analyst III

    3 days ago

    Raleigh, NC, United States PLANIT Group Full time

    PlanIT Group is seeking a Cyber Security Analyst III to support our Federal customer in the Washington, DC area. The ideal candidate must demonstrate a solid understanding of cyber security analysis, incident response, incident handling, and a proven experience on an incident response team. Experience with Splunk, Sentinel One, Armis, SNA preferred. Job...

  • Workday Security Analyst

    2 weeks ago

    Raleigh, NC, United States International Staff Consulting Full time

    The Workday Security Administrator is a Senior Workday HRIS Analyst and is responsible for the administration, maintenance, and optimization of the security configuration in Workday, the Human Resources Information System (HRIS). The Workday Security Administrator develops and manages custom security roles, permissions, and access within the Workday system...

  • Workday Security Analyst

    1 day ago

    Raleigh, NC, United States International Staff Consulting Full time

    The Workday Security Administrator is a Senior Workday HRIS Analyst and is responsible for the administration, maintenance, and optimization of the security configuration in Workday, the Human Resources Information System (HRIS). The Workday Security Administrator develops and manages custom security roles, permissions, and access within the Workday system...

  • Workday Security Analyst

    1 week ago

    Raleigh, NC, United States Affinity Executive Search Full time

    . The Workday Security Administrator is a Senior Workday HRIS Analyst and is responsible for the administration, maintenance, and optimization of the security configuration in Workday, the Human Resources Information System (HRIS). The Workday Security Administrator develops and manages custom security roles, permissions, and access within the Workday system...

  • Workday Security Analyst

    1 week ago

    Raleigh, NC, United States International Staff Consulting Full time

    The Workday Security Administrator is a Senior Workday HRIS Analyst and is responsible for the administration, maintenance, and optimization of the security configuration in Workday, the Human Resources Information System (HRIS). The Workday Security Administrator develops and manages custom security roles, permissions, and access within the Workday system...

  • Information Security Analyst II

    5 days ago

    Raleigh, NC, United States eTeam Full time

    Job Title: Information Security Analyst II Job Type: 6 months contract Location: Remote, NC Pay Rate: $75/Hour on W2 Key Responsibilities: Access Review Management: Lead and execute periodic access reviews (certifications) within the SailPoint platform, coordinating with data owners and application teams to validate user access rights. Compliance &...

  • Information Security Analyst II

    6 days ago

    Raleigh, NC, United States eTeam Full time

    Job Title: Information Security Analyst II Job Type: 6 months contract Location: Remote, NC Pay Rate: $75/Hour on W2 Key Responsibilities: Access Review Management: Lead and execute periodic access reviews (certifications) within the SailPoint platform, coordinating with data owners and application teams to validate user access rights. Compliance &...