QUESTIONNAIRE-6-38

03

Serving the needs of all families with young children, Carter’s Inc. is the largest North American apparel retailer exclusively for babies and young children, encompassing Carter’s, OshKosh B’gosh, Skip*Hop and Little Planet brands. Meaningful work, constant learning, genuine people, and a community guided by core values that promote inclusion and innovation is in everything we do. There are many reasons to build your career at Carter's.

How You’ll Make an Impact:

Do you have a knack for spotting digital threats and building strong relationships? Carter's is seeking a Senior Information Security Analyst to join our team!

This Senior Information Security Analyst opening on our team at Carter's is about keeping our systems safe and fostering collaboration across the security teams. You'll leverage your security expertise and communication skills to analyze threats, manage vulnerabilities, and keep our information secure.

This role reports to the Manager of Information Security, based out of our Atlanta Headquarters.

Security Operations - 50%

• Responsible for day-to-day information security analysis; supporting the information security manager with events, vulnerabilities, threats, and alerts oversight

• Success in this role requires the ability for superb relationship building, particularly with our information security, engineering, and compliance colleagues.

• Demonstrate proficiency with various security tools including IT Security’s toolset, including end point protection, SIEM, SOC portal/alerts, and threat / intelligence services.

• Create a variety of security related reports based on guidance from leadership; present metrics in an organized and understandable format for the information security manager and broader IT management team to help make informed decisions.

• Create, build, and maintain partnerships with all levels of the organization, ensuring collaboration in system changes and enhancements.

• Intermediate reporting using Tableau; integrating data from various disparate sources.

• Provide support to the security engineers by performing technical administrative tasks.

• Effectively communicate verbally and in writing with information security vendors including the managed security operations center.

• Provide minimal guidance, support, and advice to offshore analysts with oversight from the Information Security Manager.

Vulnerability Management - 50%

• Partner with the information security team; track vulnerabilities, notify team of threats, support event and incident management, and related analysis.

• Collect, analyze, summarize, and report all data related to vulnerability management; track vulnerability remediations with system owners.

• Provide technical remediation guidance to system owners as needed.

• Configure, manage, update Internal Vulnerability Scanning (IVS) tool for the on-premises environment, and CSPM tool for cloud environment.

We’d Love to hear from you if:

Must haves:

• 2-years preferable, general information security experience; including reporting and analysis

• 1-year analyst experience; preferably in a retail environment. Strong technical background / understanding

• 1-year minimum Security Incident & Event Management (SIEM) experience or equivalent knowledge

• 1-year required for Threat and Vulnerability Management systems such as Tenable, Rapid7, etc.

• Experience working with cloud technologies and services

• Critical thinking with a drive for process improvement

• Work cross-functionally with all layers of the organization and possess strong verbal, written, presentation and communication skills

• Proficient with Microsoft Excel, Word, and PowerPoint

• Basic programming, SQL queries; scripting a plus

• Ability to work in highly collaborative environment

Nice-to-haves:

• Bachelor’s degree in an appropriate field

• Retail technical security experience

OUR Team Members:

• Lead Courageously: Have a strong sense of personal values that align with our Company values

• Collaborates Broadly: Build cooperation, trust, and thrive in a consensus driven environment

• Customer Focus: Proactively seek opportunities to leverage data and fact-based insights to serve customers and/or internal clients

• Drive Growth: Set aggressive goals and implement plans precisely

• Cultivates Innovation: Respectfully challenge the "we’ve always done it this way" mentality and explore new ways to achieve desired outcomes

Make a career at Carter’s:

• Career Development: Success starts from within, and we have several paths from which you can choose to enhance your career evolution. From Carter’s University to Toastmasters to mentorship programs and more, we encourage you to utilize these tools to elevate your professional prowess.

NOTE: This job description is not intended to be all-inclusive. The duties described may be changed or reassigned at the discretion of management, and the employee may be required to perform duties that are not listed in the job description.

Carters is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, veteran status, or any other status protected by federal, state, or local law.